5 matches found
Weak Authentication
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a...
Red Hat JBoss Enterprise Application Platform 6.1.0 Security Update (RHSA-2013:1152)
The version of JBoss Enterprise Application Platform running on the remote system is vulnerable to the following issues: - A flaw in the way authenticated connections are cached on the server by remote-naming could allow a remote attacker to log in as another user without knowing their password...
CVE-2013-4128
Red Hat JBoss EAP 6.1.0 is affected by CVE-2013-4128: remote-naming caching of EJB invocations can allow session hijacking by a remoting client. The issue is that authenticated connections are cached in a way that enables an attacker to reuse a login session without the user’s password. Public ad...
RHEL 5 / 6 : JBoss EAP (RHSA-2013:1151)
Updated Red Hat JBoss Enterprise Application Platform 6.1.0 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.1.0 security update
Updated Red Hat JBoss Enterprise Application Platform 6.1.0 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...