This Metasploit module scans a JBoss instance for a few vulnerabilities.
a12e7bed1c1520945da6933fe60e8e26ea692e83a2883c115107e9e1823fe8deHP Security Bulletin HPSBMU02894 - Potential security vulnerabilities have been identified with HP Network Node Manager I (NNMi) on HP-UX, Linux, Solaris, and Windows. These vulnerabilities could be remotely exploited resulting in a Denial of Service (DoS) or unauthorized access or execution of arbitrary code. Revision 1 of this advisory.
eacd5c85848fe70e3b06674a93d19b20ce220a3b1047e565ac14544a22f6e877CA Technologies support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.
64660f12f6dffd5ead18f692e26e016ebc3bd54a5bb79b9a73ea69407b74de6fCA Technologies Support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.
c191161ea9ede921182bd50c60a26d485e8a24e091a255c3ef2ebc60b2e63446HP Security Bulletin HPSBMU02714 SSRT100244 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
b86f70805db0f215bc834ef5a14c332e7f24719762c90556b3db44cff08ebdb2HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
df1fb5dc4f370f57e8fb63766b14aedc68b391941b231bfb7e693e68ee16c5c8This is a proof of concept exploit that leverages the addUrl method in the DeploymentScanner module on an exposed JBoss JMX console.
3b14a4e6aa14ccbdd211ed14a974885f5bc04e420e7ba32e5ebbbb4652200efbThis Metasploit module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer's createScriptDeployment() method.
8bc89c8613979d44be9747d0a887fce9f0459d5d6182d9efc465b994ee91205b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed