6 matches found
Weak Authentication
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a...
Red Hat JBoss Enterprise Application Platform 6.1.0 Security Update (RHSA-2013:1152)
The version of JBoss Enterprise Application Platform running on the remote system is vulnerable to the following issues: - A flaw in the way authenticated connections are cached on the server by remote-naming could allow a remote attacker to log in as another user without knowing their password...
JBoss Enterprise Application Platform远程EJB调用连接缓存处理验证绕过漏洞
CVE ID:CVE-2013-4213 JBOSS是一个基于J2EE的开放源代码的应用服务器 JBoss Enterprise Application Platform在通过EJB客户端API处理相关远程EJB调用连接的服务器缓存时存在一个缺陷,远程攻击者可利用EJB客户端绕过验证,以其他用户账户上下文登录,并访问数据和执行操作 0 JBoss Enterprise Application Platform 6.1.0 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: http://rhn.redhat.com/errata/RHSA-2013-1151.html...
CVE-2013-4213
Red Hat JBoss EAP 6.1.0 is affected by CVE-2013-4213. The issue is a caching flaw in the EJB client API that prevents proper caching of EJB invocations on the server, allowing remote attackers to hijack user sessions by leveraging an EJB client. This is tied to the Red Hat advisory RHSA-2013:1152...
RHEL 5 / 6 : JBoss EAP (RHSA-2013:1151)
Updated Red Hat JBoss Enterprise Application Platform 6.1.0 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.1.0 security update
Updated Red Hat JBoss Enterprise Application Platform 6.1.0 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...