PT-2012-1927 · Red Hat · Red Hat Jboss Enterprise Application Platform

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Application Platform version 5.1.2 Description: The issue allows worker nodes to register with arbitrary virtual hosts, enabling remote attackers to bypass intended access restrictions. This can lead to the provision of...

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...