FreeBSD : cassandra -- remote execution of arbitrary code (607f4d44-0158-11e5-8fda-002590263bf5)

High Nessus Plugin ID 83796


The remote FreeBSD host is missing one or more security-related updates.


Jake Luciani reports:

Under its default configuration, Cassandra binds an unauthenticated JMX/RMI interface to all network interfaces. As RMI is an API for the transport and remote execution of serialized Java, anyone with access to this interface can execute arbitrary code as the running user.

Mitigation:

1.2.x has reached EOL, so users of <= 1.2.x are recommended to upgrade to a supported version of Cassandra, or manually configure encryption and authentication of JMX, (see

2.0.x users should upgrade to 2.0.14

2.1.x users should upgrade to 2.1.4

Alternately, users of any version not wishing to upgrade can reconfigure JMX/RMI to enable encryption and authentication according to .html

Credit:

This issue was discovered by Georgi Geshev of MWR InfoSecurity


Update the affected packages.
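The mitigation quoted above amounts to requiring authentication and TLS on the JMX listener. As an added example that is not part of the advisory or of Cassandra's own scripts, the following POSIX shell audit checks a cassandra-env.sh for those settings; the two sample files are constructed here and the paths under /usr/local/etc/cassandra are placeholders.

```shell
#!/bin/sh
# Added example, not part of the advisory or the Cassandra project:
# audit the JMX-related JVM_OPTS in a cassandra-env.sh for the weak
# defaults described above. Both sample files below are constructed;
# the keystore and credential paths are placeholders.

# Constructed sample of the pre-fix default: remote JMX, no auth, no TLS.
WEAK_ENV=$(mktemp)
cat > "$WEAK_ENV" <<'EOF'
JMX_PORT="7199"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.port=$JMX_PORT"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=false"
EOF

# Constructed hardened version: TLS plus password-file authentication.
HARDENED_ENV=$(mktemp)
cat > "$HARDENED_ENV" <<'EOF'
JMX_PORT="7199"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.port=$JMX_PORT"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=true"
JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.keyStore=/usr/local/etc/cassandra/jmx.keystore"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/usr/local/etc/cassandra/jmxremote.password"
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.access.file=/usr/local/etc/cassandra/jmxremote.access"
EOF

# audit_jmx_env FILE: print one line per finding; return 0 only if the
# JMX options require both authentication and TLS.
audit_jmx_env() {
    f="$1"; rc=0
    # Only lines that extend JVM_OPTS count; commented-out lines are ignored.
    opts=$(grep -E '^[[:space:]]*JVM_OPTS=' "$f")
    if ! printf '%s\n' "$opts" | grep -q 'jmxremote\.authenticate=true'; then
        echo "$f: JMX authentication is not enabled"; rc=1
    elif ! printf '%s\n' "$opts" | grep -Eq 'jmxremote\.(password\.file|login\.config)='; then
        echo "$f: JMX authentication enabled but no credential source configured"; rc=1
    fi
    if ! printf '%s\n' "$opts" | grep -q 'jmxremote\.ssl=true'; then
        echo "$f: JMX traffic is not TLS-protected"; rc=1
    fi
    return $rc
}

audit_jmx_env "$WEAK_ENV" || echo "weak configuration flagged"
audit_jmx_env "$HARDENED_ENV" && echo "hardened configuration passes"
```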

Plugin Details

Severity: High

ID: 83796

File Name: freebsd_pkg_607f4d44015811e58fda002590263bf5.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2015/05/26

Modified: 2015/05/26

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:cassandra, p-cpe:/a:freebsd:freebsd:cassandra2, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/05/24

Vulnerability Publication Date: 2015/04/01

Reference Information

CVE: CVE-2015-0225