The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1648 advisory.

    Red Hat JBoss Web Server is a fully integrated and certified set of     components for hosting Java web applications. It is comprised of the Apache     HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector     (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat     Native library.

    This release serves as a replacement for Red Hat JBoss Web Server 2.1.0,     and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.1     Release Notes for information on the most significant of these changes,     available shortly from https://access.redhat.com/site/documentation/

    All users of Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 7     are advised to upgrade to Red Hat JBoss Web Server 2.1.1. The JBoss server     process must be restarted for this update to take effect.

    Security Fix(es):

    * It was discovered that httpd used the value of the Proxy header from HTTP     requests to initialize the HTTP_PROXY environment variable for CGI scripts,     which in turn was incorrectly used by certain HTTP client implementations     to configure the proxy for outgoing HTTP requests. A remote attacker could     possibly use this flaw to redirect HTTP requests performed by a CGI script     to an attacker-controlled proxy via a malicious HTTP request.
    (CVE-2016-5387)

    * An integer overflow flaw, leading to a buffer overflow, was found in the     way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of     input data. A remote attacker could use this flaw to crash an application     using OpenSSL or, possibly, execute arbitrary code with the permissions of     the user running that application. (CVE-2016-2105)

    * An integer overflow flaw, leading to a buffer overflow, was found in the     way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts     of input data. A remote attacker could use this flaw to crash an     application using OpenSSL or, possibly, execute arbitrary code with the     permissions of the user running that application. (CVE-2016-2106)

    * It was discovered that it is possible to remotely Segfault Apache http     server with a specially crafted string sent to the mod_cluster via service     messages (MCMP). (CVE-2016-3110)

    Red Hat would like to thank Scott Geary (VendHQ) for reporting     CVE-2016-5387; the OpenSSL project for reporting CVE-2016-2105 and     CVE-2016-2106; and Michal Karm Babacek for reporting CVE-2016-3110.
    Upstream acknowledges Guido Vranken as the original reporter of     CVE-2016-2105 and CVE-2016-2106.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : Red Hat JBoss Web Server 2.1.1 security update on RHEL 7 (Important) (RHSA-2016:1648)

high Nessus Plugin ID 93118

Version 2.13