Detections
Analytics

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.2.4 update (Moderate) (RHSA-2014:0799)

medium Nessus Plugin ID 76293

Language:

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0799 advisory.

 Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

 Apache CXF is an open source services framework, which is a part of Red Hat JBoss Enterprise Application Platform.

 It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens.
 (CVE-2014-0034)

 A denial of service flaw was found in the way Apache CXF created error messages for certain POST requests. A remote attacker could send a specially crafted request which, when processed by an application using Apache CXF, could consume an excessive amount of memory on the system, possibly triggering an Out Of Memory (OOM) error. (CVE-2014-0109)

 It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of disk space, possibly causing a denial of service. (CVE-2014-0110)

 It was found that the Java API for RESTful Web Services (JAX-RS) implementation enabled external entity expansion by default. A remote attacker could use this flaw to view the contents of arbitrary files accessible to the application server user. (CVE-2014-3481)

 It was discovered that UsernameTokens were sent in plain text by an Apache CXF client that used a Symmetric EncryptBeforeSigning password policy.
 A man-in-the-middle attacker could use this flaw to obtain the user name and password used by the client application using Apache CXF.
 (CVE-2014-0035)

 The CVE-2014-3481 issue was discovered by the Red Hat JBoss Enterprise Application Platform QE team.

 This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.2.3, and includes bug fixes and enhancements.
 Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.2.4 Release Notes, linked to in the References.

 All users of Red Hat JBoss Enterprise Application Platform 6.2 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages.
 The JBoss server process must be restarted for the update to take effect.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?aa789039

http://www.nessus.org/u?f6ae6de5

https://access.redhat.com/errata/RHSA-2014:0799

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1090472

https://bugzilla.redhat.com/show_bug.cgi?id=1093526

https://bugzilla.redhat.com/show_bug.cgi?id=1093527

https://bugzilla.redhat.com/show_bug.cgi?id=1093529

https://bugzilla.redhat.com/show_bug.cgi?id=1093530

https://bugzilla.redhat.com/show_bug.cgi?id=1103769

https://bugzilla.redhat.com/show_bug.cgi?id=1103872

https://bugzilla.redhat.com/show_bug.cgi?id=1104166

https://bugzilla.redhat.com/show_bug.cgi?id=1105242

https://bugzilla.redhat.com/show_bug.cgi?id=1105591

https://bugzilla.redhat.com/show_bug.cgi?id=1105657

https://bugzilla.redhat.com/show_bug.cgi?id=1106545

https://bugzilla.redhat.com/show_bug.cgi?id=1106579

https://bugzilla.redhat.com/show_bug.cgi?id=1106582

https://bugzilla.redhat.com/show_bug.cgi?id=1106585

https://bugzilla.redhat.com/show_bug.cgi?id=1106589

https://bugzilla.redhat.com/show_bug.cgi?id=1109953

Plugin Details

Severity: Medium

ID: 76293

File Name: redhat-RHSA-2014-0799.nasl

Version: 1.15

Type: local

Agent: unix

Published: 6/28/2014

Updated: 3/21/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2014-3481

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2014-0035

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:jboss-xnio-base, p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient, p-cpe:/a:redhat:enterprise_linux:apache-cxf, p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all, p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging, p-cpe:/a:redhat:enterprise_linux:jboss-aesh, p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin, p-cpe:/a:redhat:enterprise_linux:jboss-as-weld, p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering, p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin, p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap, p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6, p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap, p-cpe:/a:redhat:enterprise_linux:weld-core, p-cpe:/a:redhat:enterprise_linux:jboss-as-controller, p-cpe:/a:redhat:enterprise_linux:jboss-as-threads, p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service, p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb, p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content, p-cpe:/a:redhat:enterprise_linux:jboss-as-server, p-cpe:/a:redhat:enterprise_linux:jboss-as-logging, p-cpe:/a:redhat:enterprise_linux:jboss-as-version, p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository, p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner, p-cpe:/a:redhat:enterprise_linux:jboss-as-network, p-cpe:/a:redhat:enterprise_linux:picketbox, p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs, p-cpe:/a:redhat:enterprise_linux:jboss-as-sar, p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6, p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management, p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6, p-cpe:/a:redhat:enterprise_linux:jboss-as-ee, p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs, p-cpe:/a:redhat:enterprise_linux:jboss-as-security, p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp, p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller, p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap, p-cpe:/a:redhat:enterprise_linux:jboss-security-negotiation, p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx, p-cpe:/a:redhat:enterprise_linux:jboss-as-cli, p-cpe:/a:redhat:enterprise_linux:resteasy, p-cpe:/a:redhat:enterprise_linux:jbossas-domain, p-cpe:/a:redhat:enterprise_linux:jboss-as-web, p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster, p-cpe:/a:redhat:enterprise_linux:jboss-as-connector, p-cpe:/a:redhat:enterprise_linux:jbossas-bundles, p-cpe:/a:redhat:enterprise_linux:jbossas-standalone, p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller, p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment, p-cpe:/a:redhat:enterprise_linux:jbossweb, p-cpe:/a:redhat:enterprise_linux:jboss-as-naming, p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean, p-cpe:/a:redhat:enterprise_linux:wss4j, p-cpe:/a:redhat:enterprise_linux:jbossts, p-cpe:/a:redhat:enterprise_linux:jbossas-core, p-cpe:/a:redhat:enterprise_linux:jboss-as-xts, p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions, p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices, p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security, p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi, p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77, p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6, p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http, p-cpe:/a:redhat:enterprise_linux:jbossas-appclient, p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded, p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting, p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa, p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol, p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client, p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr, p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr, p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6, p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf, p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo, p-cpe:/a:redhat:enterprise_linux:jboss-as-mail, p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3, p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 6/26/2014

Vulnerability Publication Date: 5/8/2014

Reference Information

CVE: CVE-2014-0034, CVE-2014-0035, CVE-2014-0109, CVE-2014-0110, CVE-2014-3481

BID: 68441, 68444, 68445

CWE: 345, 400, 522, 611, 770

RHSA: 2014:0799