CVE-2018-1041 – JBoss Remoting 6.14.18 - Denial of Service
https://notcve.org/view.php?id=CVE-2018-1041
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop. Se ha encontrado una vulnerabilidad en la forma en la que RemoteMessageChannel, introducido en las versiones 3.3.10 de jboss-remoting, lee desde un búfer vacío. Un atacante podría emplear este error para provocar una denegación de servicio (DoS) mediante un consumo alto de CPU a través de un bucle infinito. A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. • https://www.exploit-db.com/exploits/44099 http://www.securitytracker.com/id/1040323 https://access.redhat.com/errata/RHSA-2018:0268 https://access.redhat.com/errata/RHSA-2018:0269 https://access.redhat.com/errata/RHSA-2018:0270 https://access.redhat.com/errata/RHSA-2018:0271 https://access.redhat.com/errata/RHSA-2018:0275 https://bugzilla.redhat.com/show_bug.cgi?id=1530457 https://access.redhat.com/security/cve/CVE-2018-1041 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2016-2094 – EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client
https://notcve.org/view.php?id=CVE-2016-2094
The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability. El HTTPS NIO Connector permite a atacantes remotos provocar una denegación de servicio (consumo de hilos) abriendo un socket y no enviando un apretón de manos SSL, también conocido como una vulnerabilidad de finalización de tiempo de espera de lectura. A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service). • http://rhn.redhat.com/errata/RHSA-2016-0595.html http://rhn.redhat.com/errata/RHSA-2016-0596.html http://rhn.redhat.com/errata/RHSA-2016-0597.html http://rhn.redhat.com/errata/RHSA-2016-0598.html http://rhn.redhat.com/errata/RHSA-2016-0599.html https://bugzilla.redhat.com/show_bug.cgi?id=1308465 https://access.redhat.com/security/cve/CVE-2016-2094 • CWE-358: Improperly Implemented Security Check for Standard CWE-399: Resource Management Errors •
CVE-2008-3273 – JBossEAP status servlet info leak
https://notcve.org/view.php?id=CVE-2008-3273
JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. JBoss Enterprise Application Platform (también conocido como JBossEAP o EAP) anterior a 4.2.0.CP03 y 4.3.0 anterior a 4.3.0.CP01, permite a atacantes remotos obtener información sensible relacionada con "deployed web contexts" (Contextos web desarrollados) a través de una petición al servlet de estado, como se ha demostrado mediante la cadena de consulta full=true. • http://marc.info/?l=bugtraq&m=132698550418872&w=2 http://rhn.redhat.com/errata/RHSA-2008-0825.html http://rhn.redhat.com/errata/RHSA-2008-0826.html http://rhn.redhat.com/errata/RHSA-2008-0827.html http://rhn.redhat.com/errata/RHSA-2008-0828.html http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp03/html-single/readme/index.html http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp01/html-single/readme http: • CWE-264: Permissions, Privileges, and Access Controls •