Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2017-2709.NASL
HistorySep 15, 2017 - 12:00 a.m.

RHEL 7 : JBoss Core Services (RHSA-2017:2709)

2017-09-1500:00:00
This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
119
JSON

An update is now available for JBoss Core Services on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.

This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

Security Fix(es) :

  • It was discovered that the httpd’s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)

  • It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185)

  • A flaw was found in the way the DES/3DES cipher was used as part of the TLS /SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

Red Hat would like to thank OpenVPN for reporting CVE-2016-2183.
Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaetan Leurent (Inria) as the original reporters of CVE-2016-2183.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2017:2709. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(103240);
  script_version("3.10");
  script_cvs_date("Date: 2019/10/24 15:35:43");

  script_cve_id("CVE-2015-3185", "CVE-2016-2183", "CVE-2017-9788");
  script_xref(name:"RHSA", value:"2017:2709");

  script_name(english:"RHEL 7 : JBoss Core Services (RHSA-2017:2709)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An update is now available for JBoss Core Services on Red Hat
Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

Red Hat JBoss Core Services is a set of supplementary software for Red
Hat JBoss middleware products. This software, such as Apache HTTP
Server, is common to multiple JBoss middleware products, and is
packaged under Red Hat JBoss Core Services to allow for faster
distribution of updates, and for a more consistent update experience.

This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23
Service Pack 2 serves as an update for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes,
which are documented in the Release Notes document linked to in the
References.

Security Fix(es) :

* It was discovered that the httpd's mod_auth_digest module did not
properly initialize memory before using it when processing certain
headers related to digest authentication. A remote attacker could
possibly use this flaw to disclose potentially sensitive information
or cause httpd child process to crash by sending specially crafted
requests to a server. (CVE-2017-9788)

* It was discovered that in httpd 2.4, the internal API function
ap_some_auth_required() could incorrectly indicate that a request was
authenticated even when no authentication was used. An httpd module
using this API function could consequently allow access that should
have been denied. (CVE-2015-3185)

* A flaw was found in the way the DES/3DES cipher was used as part of
the TLS /SSL protocol. A man-in-the-middle attacker could use this
flaw to recover some plaintext data by capturing large amounts of
encrypted traffic between TLS/SSL server and client if the
communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

Red Hat would like to thank OpenVPN for reporting CVE-2016-2183.
Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaetan
Leurent (Inria) as the original reporters of CVE-2016-2183."
  );
  # https://access.redhat.com/documentation/en/red-hat-jboss-core-services/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?75d9eb14"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2017:2709"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2015-3185"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2016-2183"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2017-9788"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-selinux");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_proxy_html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_session");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_ssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/09/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2017:2709";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-debuginfo-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-devel-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-libs-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"jbcs-httpd24-httpd-manual-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-selinux-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-tools-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_ldap-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_proxy_html-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_session-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_ssl-2.4.23-122.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el7")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jbcs-httpd24-httpd / jbcs-httpd24-httpd-debuginfo / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxjbcs-httpd24-httpdp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd
redhatenterprise_linuxjbcs-httpd24-httpd-debuginfop-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-debuginfo
redhatenterprise_linuxjbcs-httpd24-httpd-develp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-devel
redhatenterprise_linuxjbcs-httpd24-httpd-libsp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-libs
redhatenterprise_linuxjbcs-httpd24-httpd-manualp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-manual
redhatenterprise_linuxjbcs-httpd24-httpd-selinuxp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-selinux
redhatenterprise_linuxjbcs-httpd24-httpd-toolsp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-tools
redhatenterprise_linuxjbcs-httpd24-mod_ldapp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_ldap
redhatenterprise_linuxjbcs-httpd24-mod_proxy_htmlp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_proxy_html
redhatenterprise_linuxjbcs-httpd24-mod_sessionp-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_session
Rows per page:
1-10 of 181

Related

redhat 13
nessus 41
f5 5
checkpoint_advisories 2
ubuntucve 4
cve 3
debiancve 2
httpd 3
prion 3
openvas 20
redhatcve 1
osv 6
ibm 55
debian 7
ubuntu 3
veracode 4
hackerone 7
attackerkb 1
cloudfoundry 1
alpinelinux 1
oraclelinux 2
github 1
threatpost 2
openssl 1
centos 2
photon 1
archlinux 1
slackware 1
mageia 2
freebsd 1
fortinet 1
exploitpack 1
zdt 1
redhat
redhat
(RHSA-2017:2708) Important: Red Hat JBoss Core Services security update
2017-09-13 16:36:42
(RHSA-2017:2710) Important: Red Hat JBoss Core Services security update
2017-09-13 16:37:22
(RHSA-2017:2709) Important: Red Hat JBoss Core Services security update
2017-09-13 16:36:59
nessus
nessus
RHEL 6 : JBoss Core Services (RHSA-2017:2710)
2017-09-15 00:00:00
RHEL 6 / 7 : JBoss EAP (RHSA-2017:3240) (Optionsbleed)
2017-11-20 00:00:00
Debian DLA-1028-1 : apache2 security update
2017-07-18 00:00:00
f5
f5
K17236 : Apache HTTP server vulnerability CVE-2015-3185
2015-09-10 00:00:00
SOL17236 - Apache HTTP server vulnerability CVE-2015-3185
2015-09-09 00:00:00
Apache vulnerability CVE-2017-9788
2017-09-21 23:43:00
checkpoint_advisories
checkpoint_advisories
Apache httpd mod_auth_digest Memory Access Denial of Service (CVE-2017-9788)
2017-10-26 00:00:00
Weak SSL 3DES Cipher Suites (CVE-2016-2183)
2016-09-25 00:00:00
ubuntucve
ubuntucve
CVE-2017-9788
2017-07-13 00:00:00
CVE-2015-3185
2015-07-20 00:00:00
CVE-2016-2183
2016-08-31 00:00:00
cve
cve
CVE-2015-3185
2015-07-20 23:59:00
CVE-2017-9788
2017-07-13 16:29:00
CVE-2016-2183
2016-09-01 00:59:00
debiancve
debiancve
CVE-2015-3185
2015-07-20 23:59:00
CVE-2017-9788
2017-07-13 16:29:00
httpd
httpd
Apache Httpd < 2.4.16 : ap_some_auth_required API unusable
2013-08-05 00:00:00
Apache Httpd < 2.4.27 : Uninitialized memory reflection in mod_auth_digest
2017-06-28 00:00:00
Apache Httpd < 2.2.34 : Uninitialized memory reflection in mod_auth_digest
2017-06-28 00:00:00
prion
prion
Design/Logic Flaw
2017-07-13 16:29:00
Authorization
2015-07-20 23:59:00
Design/Logic Flaw
2016-09-01 00:59:00
openvas
openvas
Ubuntu Update for apache2 USN-3370-1
2017-07-28 00:00:00
Debian Security Advisory DSA 3913-1 (apache2 - security update)
2017-07-18 00:00:00
Apache HTTP Server 'mod_auth_digest' Multiple Vulnerabilities (Windows)
2017-07-17 00:00:00
redhatcve
redhatcve
CVE-2017-9788
2019-10-10 10:39:39
osv
osv
apache2 - security update
2017-07-17 00:00:00
apache2 - security update
2017-07-18 00:00:00
CVE-2016-2183
2016-09-01 00:59:00
ibm
ibm
Security Bulletin: Vulnerability in HTTPD affects IBM BladeCenter Advanced Management Module (AMM)
2023-04-14 14:32:25
Security Bulletin: IBM MessageSight affected by GSKit Sweet32 Birthday attacks (CVE-2016-2183)
2018-06-17 15:36:58
Security Bulletin: A security vulnerability has been identified in GSKit shipped with IBM Spectrum Scale V4 (CVE-2016-2183)
2018-08-01 19:18:54
debian
debian
[SECURITY] [DSA 3913-1] apache2 security update
2017-07-18 20:22:26
[SECURITY] [DLA 1028-1] apache2 security update
2017-07-17 08:00:15
[SECURITY] [DSA 3913-1] apache2 security update
2017-07-18 20:22:26
ubuntu
ubuntu
Apache HTTP Server vulnerability
2017-08-01 00:00:00
Apache HTTP Server vulnerability
2017-07-27 00:00:00
Apache HTTP Server vulnerabilities
2015-07-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:36:33
Access Restriction Bypass
2019-01-15 09:19:28
Information Disclosure
2017-01-09 02:06:31
hackerone
hackerone
Legal Robot: SWEET32 TLS attack
2017-01-18 18:03:52
Yelp: Yelp.com is vulnerable to SWEET32 attack
2017-01-18 17:43:32
Udemy: sweet32
2017-03-31 12:18:22
attackerkb
attackerkb
CVE-2016-2183
2016-09-01 00:00:00
cloudfoundry
cloudfoundry
CVE-2016-2183: Birthday attacks against TLS ciphers with 64bit block size | Cloud Foundry
2019-10-24 00:00:00
alpinelinux
alpinelinux
CVE-2016-2183
2016-09-01 00:59:00
oraclelinux
oraclelinux
python security update
2018-07-03 00:00:00
httpd security update
2015-08-24 00:00:00
github
github
Kyverno vulnerable due to usage of insecure cipher
2023-05-30 20:07:06
threatpost
threatpost
New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption
2016-08-24 08:00:39
OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack
2016-09-23 15:47:13
openssl
openssl
Vulnerability in OpenSSL CVE-2016-2183
2016-08-24 00:00:00
centos
centos
python, tkinter security update
2018-07-13 16:28:09
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2015-08-25 16:08:42
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0027
2017-07-25 00:00:00
archlinux
archlinux
[ASA-201707-15] apache: multiple issues
2017-07-14 00:00:00
slackware
slackware
[slackware-security] httpd
2017-07-13 19:27:26
mageia
mageia
Updated apache packages fix security vulnerabilities
2017-08-24 10:52:24
Updated apache package fixes security vulnerabilities
2015-07-27 12:53:07
freebsd
freebsd
Apache httpd -- multiple vulnerabilities
2017-07-11 00:00:00
fortinet
fortinet
Protect
2019-02-07 00:00:00
exploitpack
exploitpack
IBM Informix Dynamic Server Informix Open Admin Tool - DLL Injection Remote Code Execution Heap Buffer Overflow
2017-05-30 00:00:00
zdt
zdt
IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Hea
2017-05-31 00:00:00
JSON
Related for REDHAT-RHSA-2017-2709.NASL
redhat13nessus41f55checkpoint_advisories2ubuntucve4cve3debiancve2httpd3prion3openvas20redhatcve1osv6ibm55debian7ubuntu3veracode4hackerone7attackerkb1cloudfoundry1alpinelinux1oraclelinux2github1threatpost2openssl1centos2photon1archlinux1slackware1mageia2freebsd1fortinet1exploitpack1zdt1