Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226)

A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277)

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111)

It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227)

It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586)

The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat.

This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References.

All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 7 should install these new packages. The JBoss server process must be restarted for the update to take effect.

The remote host appears to be running IBM WebSphere Application Server 8.5 prior to 8.5.5.6.  Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered as deployment descriptor security constraints are combined with ServletSecurity annotations on a servlet. This may allow a remote attacker to gain elevated privileges. (CVE-2014-8890)
 - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists in the IBM Global Security Kit (GSKit) due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits.  A man-in-the-middle (MitM) attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0138)
 - An information disclosure vulnerability exists due to a flaw in the Bleichenbacher countermeasure implementation in Apache WSS4J.  A remote attacker can exploit this, via a crafted message, to determine where an encryption failure took place, allowing the attacker to gain access to the plaintext symmetric key. (CVE-2015-0226)
 - An XML External Entity (XXE) vulnerability exists due to an incorrectly configured XML parser that accepts XML external entities from an untrusted source.  A remote attacker can exploit this, via specially crafted XML data, to gain access to arbitrary files. (CVE-2015-0250)
 - A privilege escalation vulnerability exists due to a flaw that occurs in 'full' profile and 'liberty' profile when using an OAuth grant password.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1885)
 - A privilege escalation vulnerability exists due to incorrect settings in the 'serveServletsbyClassname' functionality.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1927)
 - An information disclosure vulnerability exists that allows an unauthenticated, remote attacker to identify the proxy server software by reading the HTTP 'Via' header. (CVE-2015-1932)
 - An unspecified flaw exists in the administrative console that allows a remote attacker, via the 'JSESSIONID' parameter, to hijack a user's session. (CVE-2015-1936)
 - A privilege escalation vulnerability exists due to an unspecified flaw that occurs when handling user roles.  A local attacker can exploit this to gain elevated privileges. (CVE-2015-1946)
 - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase.  A MitM attacker can exploit this, via a brute-force attack using LSB values, to decrypt the traffic. (CVE-2015-2808)
 - An unspecified flaw exists that allows an unauthenticated, remote attacker to spoof servlets or disclose sensitive information. (CVE-2015-4938)

The remote host appears to be running IBM WebSphere Application Server 8.0 prior to 8.0.0.11.  Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered as deployment descriptor security constraints are combined with ServletSecurity annotations on a servlet. This may allow a remote attacker to gain elevated privileges. (CVE-2014-8890)
 - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists in the IBM Global Security Kit (GSKit) due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits.  A man-in-the-middle (MitM) attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0138)
 - An information disclosure vulnerability exists due to a flaw in the Bleichenbacher countermeasure implementation in Apache WSS4J.  A remote attacker can exploit this, via a crafted message, to determine where an encryption failure took place, allowing the attacker to gain access to the plaintext symmetric key. (CVE-2015-0226)
 - An XML External Entity (XXE) vulnerability exists due to an incorrectly configured XML parser that accepts XML external entities from an untrusted source.  A remote attacker can exploit this, via specially crafted XML data, to gain access to arbitrary files. (CVE-2015-0250)
 - A privilege escalation vulnerability exists due to a flaw that occurs in 'full' profile and 'liberty' profile when using an OAuth grant password.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1885)
 - A privilege escalation vulnerability exists due to incorrect settings in the 'serveServletsbyClassname' functionality.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1927)
 - An information disclosure vulnerability exists that allows an unauthenticated, remote attacker to identify the proxy server software by reading the HTTP 'Via' header. (CVE-2015-1932)
 - An unspecified flaw exists in the administrative console that allows a remote attacker, via the 'JSESSIONID' parameter, to hijack a user's session. (CVE-2015-1936)
 - A privilege escalation vulnerability exists due to an unspecified flaw that occurs when handling user roles.  A local attacker can exploit this to gain elevated privileges. (CVE-2015-1946)
 - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase.  A MitM attacker can exploit this, via a brute-force attack using LSB values, to decrypt the traffic. (CVE-2015-2808)
 - An unspecified flaw exists that allows an unauthenticated, remote attacker to spoof servlets or disclose sensitive information. (CVE-2015-4938)

The remote host appears to be running IBM WebSphere Application Server 7.0 prior to 7.0.0.39. Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered as deployment descriptor security constraints are combined with 'ServletSecurity' annotations on a servlet. This may allow a remote attacker to gain elevated privileges. (CVE-2014-8890)
 - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists in the IBM Global Security Kit (GSKit) due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits.  A man-in-the-middle (MitM) attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0138)
 - An information disclosure vulnerability exists due to a flaw in the Bleichenbacher countermeasure implementation in Apache WSS4J.  A remote attacker can exploit this, via a crafted message, to determine where an encryption failure took place, allowing the attacker to gain access to the plaintext symmetric key. (CVE-2015-0226)
 - An XML External Entity (XXE) vulnerability exists due to an incorrectly configured XML parser that accepts XML external entities from an untrusted source.  A remote attacker can exploit this, via specially crafted XML data, to gain access to arbitrary files. (CVE-2015-0250)
 - A privilege escalation vulnerability exists due to a flaw that occurs in 'full' profile and 'liberty' profile when using an OAuth grant password.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1885)
 - A privilege escalation vulnerability exists due to incorrect settings in the 'serveServletsbyClassname' functionality.  A remote attacker can exploit this to gain elevated privileges. (CVE-2015-1927)
 - An information disclosure vulnerability exists that allows an unauthenticated, remote attacker to identify the proxy server software by reading the HTTP 'Via' header. (CVE-2015-1932)
 - An unspecified flaw exists in the administrative console that allows a remote attacker, via the 'JSESSIONID' parameter, to hijack a user's session. (CVE-2015-1936)
 - A privilege escalation vulnerability exists due to an unspecified flaw that occurs when handling user roles.  A local attacker can exploit this to gain elevated privileges. (CVE-2015-1946)
 - A flaw exists that is triggered as CRLF (Carriage Return and Line Feed) character sequences are not properly sanitized before being included in HTTP responses.  This allows a remote attacker to inject additional headers into responses to conduct HTTP response splitting attacks. (CVE-2015-2017)
 - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase.  A MitM attacker can exploit this, via a brute-force attack using LSB values, to decrypt the traffic. (CVE-2015-2808)
 - An unspecified flaw exists that allows an unauthenticated, remote attacker to spoof servlets or disclose sensitive information. (CVE-2015-4938)
 - An unspecified exists flaw in the 'Management' port. This may allow a remote attacker to execute arbitrary code. No further details have been provided by the vendor. (CVE-2015-1920)

The IBM WebSphere Application Server running on the remote host is version 7.0 prior to 7.0.0.39, 8.0 prior to 8.0.0.11, or 8.5 prior to 8.5.5.6. It is, therefore, potentially affected by multiple vulnerabilities :

  - A security feature bypass vulnerability, known as FREAK     (Factoring attack on RSA-EXPORT Keys), exists in the IBM     Global Security Kit (GSKit) due to the support of weak     EXPORT_RSA cipher suites with keys less than or equal to     512 bits. A man-in-the-middle attacker may be able to     downgrade the SSL/TLS connection to use EXPORT_RSA     cipher suites which can be factored in a short amount of     time, allowing the attacker to intercept and decrypt the     traffic. (CVE-2015-0138)

  - An information disclosure vulnerability exists due to a     flaw in the Bleichenbacher countermeasure implementation     in Apache WSS4J. A remote attacker can exploit this, via     a crafted message, to determine where an encryption     failure to place, allowing the attacker to gain access     to the plaintext symmetric key. (CVE-2015-0226)

  - An XML External Entity (XXE) vulnerability exists due to     an incorrectly configured XML parser that accepts XML     external entities from an untrusted source. A remote     attacker can exploit this, via specially crafted XML     data, to gain access to arbitrary files. (CVE-2015-0250)

  - A privilege escalation vulnerability exists due to a     flaw that occurs in 'full' profile and 'liberty' profile     when using an OAuth grant password. A remote attacker     can exploit this to gain elevated privileges.
    (CVE-2015-1885)

  - A privilege escalation vulnerability exists due to     incorrect settings in the serveServletsbyClassname     functionality. A remote attacker can exploit this to     gain elevated privileges. (CVE-2015-1927)

  - An information disclosure vulnerability exists that     allows an unauthenticated, remote attacker to identify     the proxy server software by reading the HTTP 'Via'     header. (CVE-2015-1932)

  - An unspecified flaw exists in the administrative console     that allows a remote attacker, via the 'JSESSIONID'     parameter, to hijack a user's session. (CVE-2015-1936)

  - A privilege escalation vulnerability exists due to an     unspecified flaw that occurs when handling user roles.
    A local attacker can exploit this to gain elevated     privileges. (CVE-2015-1946)   
  - A security feature bypass vulnerability exists, known as     Bar Mitzvah, due to improper combination of state data     with key data by the RC4 cipher algorithm during the     initialization phase. A man-in-the-middle attacker can     exploit this, via a brute-force attack using LSB values,     to decrypt the traffic. (CVE-2015-2808)

  - An unspecified flaw exists that allows an     unauthenticated, remote attacker to spoof servlets or     disclose sensitive information. (CVE-2015-4938)

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226)

It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227)

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111)

A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277)

It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586)

The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat.

This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References.

All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 6 should install these new packages. The JBoss server process must be restarted for the update to take effect.

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226)

It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227)

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111)

A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277)

It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586)

The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat.

This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References.

All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 5 should install these new packages. The JBoss server process must be restarted for the update to take effect.

ID	Name	Product	Family	Severity
112239	RHEL 7 : JBoss EAP (RHSA-2015:0848)	Nessus	Red Hat Local Security Checks	high
9716	IBM WebSphere Application Server 8.5 < 8.5.5.6 Multiple Vulnerabilities (FREAK)	Nessus Network Monitor	Web Servers	high
9713	IBM WebSphere Application Server 8.0 < 8.0.0.11 Multiple Vulnerabilities (FREAK)	Nessus Network Monitor	Web Servers	high
9700	IBM WebSphere Application Server 7.0 < 7.0.0.39 Multiple Vulnerabilities (FREAK)	Nessus Network Monitor	Web Servers	high
84639	IBM WebSphere Application Server 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.6 (FP6) Multiple Vulnerabilities (Bar Mitzvah) (FREAK)	Nessus	Web Servers	high
82896	RHEL 6 : JBoss EAP (RHSA-2015:0847)	Nessus	Red Hat Local Security Checks	high
82895	RHEL 5 : JBoss EAP (RHSA-2015:0846)	Nessus	Red Hat Local Security Checks	high

Detections

Analytics

CVE-2015-0226

high

Tenable Plugins

high

high

high

high

high

high

high