Page 7 of 67 results (0.014 seconds)

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2016-8657 – jboss: jbossas writable config files allow privilege escalation

https://notcve.org/view.php?id=CVE-2016-8657

It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts (i.e. on Red Hat Enterprise Linux 6 and earlier), the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted. Se ha descubierto que los paquetes EAP en ciertas versiones de Red Hat Enterprise Linux emplean permisos incorrectos para los archivo de configuración /etc/sysconfig/jbossas. El archivo puede escribirse en el grupo jboss (root:jboss, 664). • http://rhn.redhat.com/errata/RHSA-2017-0826.html http://rhn.redhat.com/errata/RHSA-2017-0827.html http://rhn.redhat.com/errata/RHSA-2017-0828.html http://rhn.redhat.com/errata/RHSA-2017-0829.html http://www.securityfocus.com/bid/96896 https://access.redhat.com/errata/RHSA-2018:1609 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8657 https://access.redhat.com/security/cve/CVE-2016-8657 https://bugzilla.redhat.com/show_bug.cgi?id=1400343 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-8656 – jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

https://notcve.org/view.php?id=CVE-2016-8656

Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. Jboss jbossas en versiones anteriores a la 5.2.0-23, 6.4.13 y 7.0.5 es vulnerable a una gestión insegura de archivos en el script init de jboss, lo que podría resultar en un escalado de privilegios local. It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. • http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://rhn.redhat.com/errata/RHSA-2017-0831.html http://rhn.redhat.com/errata/RHSA-2017-0832.html http://rhn.redhat.com/errata/RHSA-2017-0834.html http://www.securityfocus.com/bid/96035 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/e • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •

CVSS: 7.5EPSS: 27%CPEs: 87EXPL: 1

CVE-2016-8610 – SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS

https://notcve.org/view.php?id=CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. Se ha encontrado un fallo de denegación de servicio en OpenSSL en las versiones 0.9.8, 1.0.1, 1.0.2 hasta la 1.0.2h y la 1.1.0 en la forma en la que el protocolo TLS/SSL definió el procesamiento de paquetes ALERT durante una negociación de conexión. Un atacante remoto podría emplear este fallo para hacer que un servidor TLS/SSL consuma una cantidad excesiva de recursos de CPU y fracase a la hora de aceptar conexiones de otros clientes. A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. • https://github.com/cujanovic/CVE-2016-8610-PoC http://rhn.redhat.com/errata/RHSA-2017-0286.html http://rhn.redhat.com/errata/RHSA-2017-0574.html http://rhn.redhat.com/errata/RHSA-2017-1415.html http://rhn.redhat.com/errata/RHSA-2017-1659.html http://seclists.org/oss-sec/2016/q4/224 http://www.securityfocus.com/bid/93841 http://www.securitytracker.com/id/1037084 https://access.redhat.com/errata/RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1414 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-7061 – EAP: Sensitive data can be exposed at the server level in domain mode

https://notcve.org/view.php?id=CVE-2016-7061

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. Se ha detectado una vulnerabilidad de divulgación de información en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar información como sensible, los usuarios con rol Monitor pueden visualizar dicha información sensible It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. • http://rhn.redhat.com/errata/RHSA-2017-0170.html http://rhn.redhat.com/errata/RHSA-2017-0171.html http://rhn.redhat.com/errata/RHSA-2017-0172.html http://rhn.redhat.com/errata/RHSA-2017-0173.html http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0247.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 1%CPEs: 10EXPL: 0

CVE-2016-4978 – Artemis: Deserialization of untrusted input vulnerability

https://notcve.org/view.php?id=CVE-2016-4978

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath. El método getObject de la clase javax.jms.ObjectMessage en el (1) cliente JMS Core, (2) broker Artemis y (3) componente Artemis REST en Apache ActiveMQ Artemis en versiones anteriores a 1.4.0 podría permitir a usuarios remotos autenticados con permiso, mandar mensajes al broker Artemis para deserializar objetos arbitrarios y ejecutar código arbitrario aprovechando clases de gadget presentes en la ruta de clases Artemis. It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage. • http://mail-archives.apache.org/mod_mbox/activemq-users/201609.mbox/%3CCAH6wpnqzeNtpykT7emtDU1-GV7AvjFP5-YroWcCC4UZyQEFvtA%40mail.gmail.com%3E http://www.securityfocus.com/bid/93142 https://access.redhat.com/errata/RHSA-2017:1834 https://access.redhat.com/errata/RHSA-2017:1835 https://access.redhat.com/errata/RHSA-2017:1836 https://access.redhat.com/errata/RHSA-2017:1837 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat& • CWE-502: Deserialization of Untrusted Data •