Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2012-1026.NASL
HistoryJan 24, 2013 - 12:00 a.m.

RHEL 5 / 6 : jbossas and jboss-naming (RHSA-2012:1026)

2013-01-2400:00:00
This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1026 advisory.

  • JNDI: unauthenticated remote write access is permitted by default (CVE-2011-4605)

  • JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm (CVE-2012-1167)

Note that Nessus has not tested for these issues but has instead relied only on the applicationโ€™s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2012:1026. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64043);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/27");

  script_cve_id("CVE-2011-4605", "CVE-2012-1167");
  script_xref(name:"RHSA", value:"2012:1026");

  script_name(english:"RHEL 5 / 6 : jbossas and jboss-naming (RHSA-2012:1026)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for jbossas / jboss-naming.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2012:1026 advisory.

  - JNDI: unauthenticated remote write access is permitted by default (CVE-2011-4605)

  - JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
    (CVE-2012-1167)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2012/rhsa-2012_1026.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?af997990");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:1026");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=766469");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=802622");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL jbossas / jboss-naming packages based on the guidance in RHSA-2012:1026.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-4605");
  script_cwe_id(306);
  script_set_attribute(attribute:"vendor_severity", value:"Important");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/06/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-naming");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-messaging");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-ws-native");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['5','6'])) audit(AUDIT_OS_NOT, 'Red Hat 5.x / 6.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel/server/5/5Server/i386/jbeap/5/os',
      'content/dist/rhel/server/5/5Server/i386/jbeap/5/source/SRPMS',
      'content/dist/rhel/server/5/5Server/x86_64/jbeap/5/os',
      'content/dist/rhel/server/5/5Server/x86_64/jbeap/5/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'jboss-naming-5.0.3-4.CP01_patch_01.1.ep5.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-5.1.2-10.ep5.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-client-5.1.2-10.ep5.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-messaging-5.1.2-10.ep5.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-ws-native-5.1.2-10.ep5.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'}
    ]
  },
  {
    'repo_relative_urls': [
      'content/dist/rhel/server/6/6Server/i386/jbeap/5/os',
      'content/dist/rhel/server/6/6Server/i386/jbeap/5/source/SRPMS',
      'content/dist/rhel/server/6/6Server/x86_64/jbeap/5/os',
      'content/dist/rhel/server/6/6Server/x86_64/jbeap/5/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'jboss-naming-5.0.3-4.CP01_patch_01.2.ep5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-5.1.2-10.ep5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-client-5.1.2-10.ep5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-messaging-5.1.2-10.ep5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'},
      {'reference':'jbossas-ws-native-5.1.2-10.ep5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap5'}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jboss-naming / jbossas / jbossas-client / jbossas-messaging / etc');
}
VendorProductVersionCPE
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linuxjboss-namingp-cpe:/a:redhat:enterprise_linux:jboss-naming
redhatenterprise_linuxjbossasp-cpe:/a:redhat:enterprise_linux:jbossas
redhatenterprise_linuxjbossas-clientp-cpe:/a:redhat:enterprise_linux:jbossas-client
redhatenterprise_linuxjbossas-messagingp-cpe:/a:redhat:enterprise_linux:jbossas-messaging
redhatenterprise_linuxjbossas-ws-nativep-cpe:/a:redhat:enterprise_linux:jbossas-ws-native
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux6cpe:/o:redhat:enterprise_linux:6

Related

redhat 6
veracode 2
cvelist 2
cve 2
nessus 1
seebug 2
ubuntucve 2
nvd 2
prion 2
securityvulns 2
redhat
redhat
(RHSA-2012:1026) Important: jbossas and jboss-naming security update
2012-06-20 00:00:00
(RHSA-2012:1027) Important: jbossas-web and jboss-naming security update
2012-06-20 00:00:00
(RHSA-2012:1024) Important: jbossas security update
2012-06-20 15:56:56
veracode
veracode
Authorization Bypass
2019-05-02 04:42:08
Unauthorized Modification
2019-01-15 08:53:23
cvelist
cvelist
CVE-2011-4605
2012-11-23 20:00:00
CVE-2012-1167
2012-11-23 20:00:00
cve
cve
CVE-2011-4605
2012-11-23 20:55:01
CVE-2012-1167
2012-11-23 20:55:02
nessus
nessus
RHEL 5 : jbossas (RHSA-2012:1025)
2013-01-24 00:00:00
seebug
seebug
JBoss Enterprise Application Platformๅฎ‰ๅ…จ้™ๅˆถ็ป•่ฟ‡ๆผๆดž
2012-08-03 00:00:00
JBoss Enterprise Application Platform/JBoss Enterprise Web Platformๅฎ‰ๅ…จ็ป•่ฟ‡ๆผๆดž
2012-06-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-4605
2012-11-23 00:00:00
CVE-2012-1167
2012-11-23 00:00:00
nvd
nvd
CVE-2011-4605
2012-11-23 20:55:01
CVE-2012-1167
2012-11-23 20:55:02
prion
prion
Input validation
2012-11-23 20:55:00
Input validation
2012-11-23 20:55:00
securityvulns
securityvulns
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I &#40;NNMi&#41; for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service &#40;DoS&#41;, Unauthorized Access, Execution of Arbitrary Code
2013-07-29 00:00:00
HP Network Node Manager multiple security vulnerabilities
2013-07-29 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON
Related for REDHAT-RHSA-2012-1026.NASL
redhat6veracode2cvelist2cve2nessus1seebug2ubuntucve2nvd2prion2securityvulns2