Detections
Analytics
JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Traversal Arbitrary File Manipulation
high Nessus Plugin ID 23843
Language:
Synopsis
The remote web server contains a Java service that is affected by a directory traversal flaw.Description
The remote web server appears to be a version of JBoss that fails to sanitize user-supplied input to the BaseDir parameter used by the 'DeploymentFileRepository' service of JMX Console before using it to store or delete files. An unauthenticated attacker may be able to exploit this to alter files on the remote host subject to the privileges of the JBoss user.Solution
Secure access to the JMX Console as described in the Wiki article referenced above.See Also
https://www.securityfocus.com/archive/1/archive/1/452830/100/0/threaded
https://issues.jboss.org/browse/JBAS-3861?_sscc=t
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole
Plugin Details
Severity: High
ID: 23843
File Name: jboss_deploymentfilerepository_dir_traversal.nasl
Version: 1.20
Type: remote
Family: CGI abuses
Published: 12/14/2006
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:jboss:jboss_application_server
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/27/2006
Vulnerability Publication Date: 11/27/2006
Exploitable With
Core Impact
Reference Information
CVE: CVE-2006-5750
BID: 21219