JBoss Portal 6.1.0 Update (RHSA-2013:1437)

high Nessus Plugin ID 72237

Synopsis

The remote Red Hat host is missing a security update.

Description

The version of JBoss Enterprise Portal Platform on the remote system is affected by the following issues:

- A flaw in CSRF prevention filter in JBoss Web could allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. (CVE-2012-4431)

- A flaw that occurs when the COOKIE session tracking method is used can allow attackers to hijack users' sessions. (CVE-2012-4529)

- A flaw that occurs when multiple applications use the same custom authorization module class name can allow a local attacker to deploy a malicious application that overrides the custom authorization modules provided by other applications. (CVE-2012-4572)

- The framework does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting. This can allow remote attackers to force the system to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications.
(CVE-2012-5575)

- A flaw in PicketBox can allow local users to obtain the admin encryption key by reading the Vault data file.
(CVE-2013-1921)

- A session fixation flaw was found in the FormAuthenticator module. (CVE-2013-2067)

- A flaw that occurs when a JGroups channel was started results in the JGroups diagnostics service being enabled by default with no authentication via IP multicast. A remote attacker can make use of this flaw to read diagnostics information. (CVE-2013-2102)

- A flaw in the StAX parser implementation can allow remote attackers to cause a denial of service via crafted XML. (CVE-2013-2160)

- A flaw in Apache Santuario XML Security can allow context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak algorithm. (CVE-2013-2172)

- A flaw in JGroup's DiagnosticsHandler can allow remote attackers to obtain sensitive information and execute arbitrary code by re-using valid credentials.
(CVE-2013-4112)

- A flaw in the manner in which authenticated connections were cached on the server by remote-naming can allow remote attackers to hijack sessions by using a remoting client. (CVE-2013-4128)

- A flaw in the manner in which connections for EJB invocations were cached on the server can allow remote attackers to hijack sessions by using an EJB client.
(CVE-2013-4213)

Solution

Upgrade the installed JBoss Portal 6.0.0 to 6.1.0 or later.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=868202

https://bugzilla.redhat.com/show_bug.cgi?id=872059

https://bugzilla.redhat.com/show_bug.cgi?id=880443

https://bugzilla.redhat.com/show_bug.cgi?id=883636

https://bugzilla.redhat.com/show_bug.cgi?id=929197

https://bugzilla.redhat.com/show_bug.cgi?id=948106

https://bugzilla.redhat.com/show_bug.cgi?id=961779

https://bugzilla.redhat.com/show_bug.cgi?id=963984

https://bugzilla.redhat.com/show_bug.cgi?id=983489

https://bugzilla.redhat.com/show_bug.cgi?id=984795

https://bugzilla.redhat.com/show_bug.cgi?id=985359

https://bugzilla.redhat.com/show_bug.cgi?id=999263

https://www.redhat.com/security/data/cve/CVE-2012-4431.html

https://www.redhat.com/security/data/cve/CVE-2012-4529.html

https://www.redhat.com/security/data/cve/CVE-2012-4572.html

https://www.redhat.com/security/data/cve/CVE-2012-5575.html

https://www.redhat.com/security/data/cve/CVE-2013-1921.html

https://www.redhat.com/security/data/cve/CVE-2013-2067.html

https://www.redhat.com/security/data/cve/CVE-2013-2102.html

https://www.redhat.com/security/data/cve/CVE-2013-2160.html

https://www.redhat.com/security/data/cve/CVE-2013-2172.html

https://www.redhat.com/security/data/cve/CVE-2013-4112.html

https://www.redhat.com/security/data/cve/CVE-2013-4128.html

https://www.redhat.com/security/data/cve/CVE-2013-4213.html

Plugin Details

Severity: High

ID: 72237

File Name: redhat-RHSA-2013-1437.nasl

Version: 1.11

Type: local

Agent: unix

Published: 1/31/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0

Required KB Items: Host/local_checks_enabled, Host/RedHat/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/16/2013

Vulnerability Publication Date: 10/10/2012

Reference Information

CVE: CVE-2012-4431, CVE-2012-4529, CVE-2012-4572, CVE-2012-5575, CVE-2013-1921, CVE-2013-2067, CVE-2013-2102, CVE-2013-2160, CVE-2013-2172, CVE-2013-4112, CVE-2013-4128, CVE-2013-4213

BID: 61179, 61739, 61742, 62256, 63196, 56814, 59799, 60040, 60043, 60045, 60846, 61030

RHSA: 2013:1437