Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
98
security advisoryRed HatupdateRed Hat: RHSA-2007:0360-01 Important: jbossas Security Update
Updated jbossas packages that fix multiple security issues in tomcat are now available for Red Hat Application Stack. This update has been rated as having Important security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: jbossas security update Advisory ID: RHSA-2007:0360-01 Advisory URL: https://access.redhat.com/errata/RHSA-2007:0360.html Issue date: 2007-05-24 Updated on: 2007-05-24 Product: Red Hat Application Stack CVE Names: CVE-2005-2090 CVE-2007-0450 - ---------------------------------------------------------------------1. Summary: Updated jbossas packages that fix multiple security issues in tomcat are now available for Red Hat Application Stack. This update has been rated as having Important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - noarch Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - noarch 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. This update addresses the following issues: Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) Users should upgrade to these erratum packages, which contain an update to jbossas to include a version of Tomcat that resolves these issues. Updated jakarta-commons-modeler packages are also includedwhich correct a bug when used with Tomcat 5.5.23. 4. Solution: Note: /etc/tomcat5/web.xml has been updated to disable directory listing by default. If you have previously modified /etc/tomcat5/web.xml, this change will not be made automatically and you should manually update the value for the "listings" parameter to "false". Note: In response to CVE-2007-0450, JBoss AS considers encoded slashes and backslashes in URLs invalid and its usage will result in HTTP 400 error. It is possible to allow encoded slashes and backslashes by following the steps outlined below, however doing so will expose you to CVE-2007-0450 related attacks: a) If you use the /var/lib/jbossas/bin/run.sh setup, please edit /etc/jbossas/run.conf and append - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true to the string assigned to JAVA_OPTS b) If you use the init script setup to run multiple JBoss AS services and you wish to allow encoding by default on all services, please edit /etc/jbossas/jbossas.conf and add the line JAVA_OPTS="${JAVA_OPTS} - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" c) If you use the init script setup to run multiple JBoss AS services and want to allow encoding of slashes and backslashes for a particular service, please edit /etc/sysconfig/${NAME} (where NAME is the name of your service) and add the line JAVA_OPTS="${JAVA_OPTS} - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238574 - CVE-2005-2090 multiple tomcat issues(CVE-2007-0450) 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: 1b4126e20b4e29398016f8b68cb6cef9 jbossas-4.0.5-2.CP04.el4s1.2.src.rpm 07a3c0fc01b59cce76d0f329358e5ee2 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm noarch: 4b20eab75fad0a8e88eaa87fa720e216 jbossas-4.0.5-2.CP04.el4s1.2.noarch.rpm ad000c590574219c32649e2f7d6475ff jbossas-core-4.0.5-2.CP04.el4s1.2.noarch.rpm 2690014231347df9c2d827f05404f080 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.noarch.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: 1b4126e20b4e29398016f8b68cb6cef9 jbossas-4.0.5-2.CP04.el4s1.2.src.rpm 07a3c0fc01b59cce76d0f329358e5ee2 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm noarch: 4b20eab75fad0a8e88eaa87fa720e216 jbossas-4.0.5-2.CP04.el4s1.2.noarch.rpm ad000c590574219c32649e2f7d6475ff jbossas-core-4.0.5-2.CP04.el4s1.2.noarch.rpm 2690014231347df9c2d827f05404f080 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2005-2090 https://www.cve.org/CVERecord?id=CVE-2007-0450 https://tomcat.apache.org/security-5.html https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2007 Red Hat, Inc. . Get details on the important jbossas security update for Red Hat Application Stack addressing multiple critical issues.. jbossas update, Red Hat Application Stack, Tomcat security, important security impact. . Severity: Important. LinuxSecurity.com Team
May 24, 2007
•Important
Red Hat
98
security advisorycriticalremote accessCritical Risk: Code Execution Vulnerability in Red Hat Jbossas Stack
An updated jbossas package that corrects a security vulnerability is now available for Red Hat Application Stack. This update has been rated as having critical security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: jbossas security update Advisory ID: RHSA-2006:0743-01 Advisory URL: https://access.redhat.com/errata/RHSA-2006:0743.html Issue date: 2006-11-27 Updated on: 2006-11-27 Product: Red Hat Application Stack CVE Names: CVE-2006-5750 - ---------------------------------------------------------------------1. Summary: An updated jbossas package that corrects a security vulnerability is now available for Red Hat Application Stack. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - noarch Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - noarch 3. Problem description: JBoss Application Server is a J2EE certified platform for developing and deploying enterprise Java applications, Web applications, and Portals. Symantec discovered a flaw in the DeploymentFileRepository class of the JBoss Application Server. A remote attacker who is able to access the console manager could read or write to files with the permissions of the JBoss user. This could potentially lead to arbitrary code execution as the jboss user. (CVE-2006-5750) For the Red Hat Application Stack, the jbossas service is not enabled by default. Once the jbossas service is enabled, the console manager will become accessible on port 8080. Although port 8080 will be blocked from outside access by the default Red Hat Enterprise Linux firewall rules, users should ensure that the console is not available publicly and is adequately protected by authentication as explainedin the JBoss documentation. A correct configuration of the JBoss Application Server would mitigate this vulnerability to only being exploitable by users who have authorization to use the console manager. All users of Red Hat Application Stack are advised to upgrade to these updated packages, which resolve the directory traversal issue with a backported patch. These updated packages also contain a change to the default jbossas configuration file. For users installing Red Hat Application Stack for the first time, all JBoss Application Server network services, including the management consoles, will be restricted by default to localhost. No change is made for users upgrading previously installed jbossas packages. Users who already have Red Hat Application Stack installed should check to make sure that they have correctly followed the security guidelines and that the management consoles are not accessible to unauthorized users. Red Hat would like to thank Symantec for reporting this issue. 4. Solution: Before applying this update, make sure that the jbossas service is not running and all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 215828 - CVE-2006-5750 JBoss Java ClassDeploymentFileRepository Directory Traversal 216177 - JBossAS needs to be bound to localhost by default 216786 - Config files in the jbossas rpm should be marked accordingly 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ddcee54695279bfa2bcc1e6dc272edc5 jbossas-4.0.4-1.el4s1.25.src.rpm noarch: edf562a2624881d8198f23bd3e61f443 jbossas-4.0.4-1.el4s1.25.noarch.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ddcee54695279bfa2bcc1e6dc272edc5 jbossas-4.0.4-1.el4s1.25.src.rpm noarch: edf562a2624881d8198f23bd3e61f443 jbossas-4.0.4-1.el4s1.25.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2006-5750 https://access.redhat.com/security/updates/classification#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2006 Red Hat, Inc. . Notice regarding essential vulnerability resolution in jbossas for Red Hat Application Stack. Crucial to safeguard against possible risks.. Red Hat Application Stack, Jbossas Security Update, Critical Patch, Remote Code Execution. . Severity: Critical. LinuxSecurity.com Team
Nov 27, 2006
•Critical
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!