CVE-2016-8656 – jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
https://notcve.org/view.php?id=CVE-2016-8656
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. Jboss jbossas en versiones anteriores a la 5.2.0-23, 6.4.13 y 7.0.5 es vulnerable a una gestión insegura de archivos en el script init de jboss, lo que podría resultar en un escalado de privilegios local. It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. • http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://rhn.redhat.com/errata/RHSA-2017-0831.html http://rhn.redhat.com/errata/RHSA-2017-0832.html http://rhn.redhat.com/errata/RHSA-2017-0834.html http://www.securityfocus.com/bid/96035 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/e • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVE-2016-7061 – EAP: Sensitive data can be exposed at the server level in domain mode
https://notcve.org/view.php?id=CVE-2016-7061
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. Se ha detectado una vulnerabilidad de divulgación de información en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar información como sensible, los usuarios con rol Monitor pueden visualizar dicha información sensible It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. • http://rhn.redhat.com/errata/RHSA-2017-0170.html http://rhn.redhat.com/errata/RHSA-2017-0171.html http://rhn.redhat.com/errata/RHSA-2017-0172.html http://rhn.redhat.com/errata/RHSA-2017-0173.html http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0247.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-5406 – EAP7 Privilege escalation when managing domain including earlier version slaves
https://notcve.org/view.php?id=CVE-2016-5406
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. El controlador de dominios en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2 permite a usuarios remotos autenticados obtener privilegios aprovechando el fallo de propagación de configuración RBAC administrativa a todos los esclavos. The domain controller will not propagate its administrative RBAC configuration to some slaves. An attacker could use this to escalate their privileges. • http://rhn.redhat.com/errata/RHSA-2016-1838.html http://rhn.redhat.com/errata/RHSA-2016-1839.html http://rhn.redhat.com/errata/RHSA-2016-1840.html http://rhn.redhat.com/errata/RHSA-2016-1841.html https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3458 https://bugzilla.redhat.com/show_bug.cgi?id=1359014 https://access.redhat.c • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-4993 – eap: HTTP header injection / response splitting
https://notcve.org/view.php?id=CVE-2016-4993
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en el servidor web Undertow en WildFly 10.0.0, tal como se utiliza en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2, permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de vectores no especificados. It was reported that EAP 7 Application Server/Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value. • http://rhn.redhat.com/errata/RHSA-2016-1838.html http://rhn.redhat.com/errata/RHSA-2016-1839.html http://rhn.redhat.com/errata/RHSA-2016-1840.html http://rhn.redhat.com/errata/RHSA-2016-1841.html http://www.securityfocus.com/bid/92894 http://www.securitytracker.com/id/1036758 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017: • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVE-2016-2141 – JGroups: Authorization bypass
https://notcve.org/view.php?id=CVE-2016-2141
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. JGroups en versiones anteriores a 4.0 no solicita las cabeceras adecuadas para los protocolos ENCRYPT y AUTH desde los nodos uniéndose al grupo, lo que permite a atacantes remotos eludir las restricciones de seguridad y enviar y recibir mensajes dentro del grupo a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2016-1435.html http://rhn.redhat.com/errata/RHSA-2016-1439.html http://rhn.redhat.com/errata/RHSA-2016-2035.html http://www.securityfocus.com/bid/91481 http://www.securitytracker.com/id/1036165 https://access.redhat.com/errata/RHSA-2016:1345 https://access.redhat.com/errata/RHSA-2016:1346 https://access.redhat.com/errata/RHSA-2016:1347 https://access.redhat.com/errata/RHSA-2016:1374 https://access.redhat.com/errata/RHSA-2016:1376& •