JBoss Portal 6.1.0 Update (RHSA-2013:1437)

High Nessus Plugin ID 72237


VPR Score: 5.9

Synopsis

The remote Red Hat host is missing a security update.

Description

The version of JBoss Enterprise Portal Platform on the remote system is affected by the following issues:

- A flaw in the CSRF prevention filter in JBoss Web could allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. (CVE-2012-4431)

- A flaw that occurs when the COOKIE session tracking method is used can allow attackers to hijack users' sessions. (CVE-2012-4529)

- A flaw that occurs when multiple applications use the same custom authorization module class name can allow a local attacker to deploy a malicious application that overrides the custom authorization modules provided by other applications. (CVE-2012-4572)

- The framework does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting. This can allow remote attackers to force the system to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications. (CVE-2012-5575)

- A flaw in PicketBox can allow local users to obtain the admin encryption key by reading the Vault data file. (CVE-2013-1921)

- A session fixation flaw was found in the FormAuthenticator module. (CVE-2013-2067)

- When a JGroups channel is started, the JGroups diagnostics service is enabled by default over IP multicast with no authentication. A remote attacker can make use of this flaw to read diagnostics information. (CVE-2013-2102)

- A flaw in the StAX parser implementation can allow remote attackers to cause a denial of service via crafted XML. (CVE-2013-2160)

- A flaw in Apache Santuario XML Security can allow context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak algorithm. (CVE-2013-2172)

- A flaw in the JGroups DiagnosticsHandler can allow remote attackers to obtain sensitive information and execute arbitrary code by re-using valid credentials. (CVE-2013-4112)

- A flaw in the way remote-naming caches authenticated connections on the server can allow remote attackers to hijack sessions by using a remoting client. (CVE-2013-4128)

- A flaw in the way connections for EJB invocations are cached on the server can allow remote attackers to hijack sessions by using an EJB client. (CVE-2013-4213)

Solution

Upgrade the installed JBoss Portal 6.0.0 to 6.1.0 or later.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=868202

https://bugzilla.redhat.com/show_bug.cgi?id=872059

https://bugzilla.redhat.com/show_bug.cgi?id=880443

https://bugzilla.redhat.com/show_bug.cgi?id=883636

https://bugzilla.redhat.com/show_bug.cgi?id=929197

https://bugzilla.redhat.com/show_bug.cgi?id=948106

https://bugzilla.redhat.com/show_bug.cgi?id=961779

https://bugzilla.redhat.com/show_bug.cgi?id=963984

https://bugzilla.redhat.com/show_bug.cgi?id=983489

https://bugzilla.redhat.com/show_bug.cgi?id=984795

https://bugzilla.redhat.com/show_bug.cgi?id=985359

https://bugzilla.redhat.com/show_bug.cgi?id=999263

https://www.redhat.com/security/data/cve/CVE-2012-4431.html

https://www.redhat.com/security/data/cve/CVE-2012-4529.html

https://www.redhat.com/security/data/cve/CVE-2012-4572.html

https://www.redhat.com/security/data/cve/CVE-2012-5575.html

https://www.redhat.com/security/data/cve/CVE-2013-1921.html

https://www.redhat.com/security/data/cve/CVE-2013-2067.html

https://www.redhat.com/security/data/cve/CVE-2013-2102.html

https://www.redhat.com/security/data/cve/CVE-2013-2160.html

https://www.redhat.com/security/data/cve/CVE-2013-2172.html

https://www.redhat.com/security/data/cve/CVE-2013-4112.html

https://www.redhat.com/security/data/cve/CVE-2013-4128.html

https://www.redhat.com/security/data/cve/CVE-2013-4213.html

Plugin Details

Severity: High

ID: 72237

File Name: redhat-RHSA-2013-1437.nasl

Version: 1.9

Type: local

Agent: unix

Published: 2014/01/31

Updated: 2020/09/24

Dependencies: 72202, 12634

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0

Required KB Items: Host/local_checks_enabled, Host/RedHat/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/10/16

Vulnerability Publication Date: 2012/10/10

Reference Information

CVE: CVE-2012-4431, CVE-2012-4529, CVE-2012-4572, CVE-2012-5575, CVE-2013-1921, CVE-2013-2067, CVE-2013-2102, CVE-2013-2160, CVE-2013-2172, CVE-2013-4112, CVE-2013-4128, CVE-2013-4213

BID: 56814, 59799, 60040, 60043, 60045, 60846, 61030, 61179, 61739, 61742, 62256, 63196

RHSA: 2013:1437