The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Red Hat JBoss EAP

vulnerability bulletin CVE-2017-2595 CVE-2017-2666 CVE-2017-2670

Red Hat JBoss Enterprise Application Platform: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Red Hat JBoss Enterprise Application Platform.
Impacted products: Debian, JBoss EAP by Red Hat.
Severity: 3/4.
Creation date: 08/06/2017.
Identifiers: CVE-2017-2595, CVE-2017-2666, CVE-2017-2670, DSA-3906-1, RHSA-2017:1409-01, RHSA-2017:1410-01, RHSA-2017:1411-01, RHSA-2017:1412-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, VIGILANCE-VUL-22923.

Description of the vulnerability

Several vulnerabilities were announced in Red Hat JBoss Enterprise Application Platform.

An attacker can traverse directories via the log viewer, in order to read a file outside the root path. [severity:2/4; CVE-2017-2595]

An attacker can tamper with HTTP response bodies by including invalid characters in the request. [severity:2/4; CVE-2017-2666]

An attacker can generate an infinite loop, in order to trigger a denial of service. [severity:3/4; CVE-2017-2670]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2017-5664

Apache Tomcat: error page tampering

Synthesis of the vulnerability

An attacker can trigger an HTTP error in Apache Tomcat, in order to corrupt the error page documents.
Impacted products: Tomcat, Blue Coat CAS, Debian, Fedora, HP-UX, Junos Space, MySQL Community, MySQL Enterprise, openSUSE Leap, Oracle Fusion Middleware, Solaris, Tuxedo, WebLogic, Percona Server, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Ubuntu.
Severity: 2/4.
Creation date: 06/06/2017.
Identifiers: bulletinjul2017, cpuapr2018, CVE-2017-5664, DLA-996-1, DSA-3891-1, DSA-3892-1, FEDORA-2017-63789c8c29, FEDORA-2017-e4638a345c, HPESBUX03828, JSA10838, openSUSE-SU-2017:3069-1, RHSA-2017:1801-01, RHSA-2017:1802-01, RHSA-2017:1809-01, RHSA-2017:2493-01, RHSA-2017:2494-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:3080-01, RHSA-2017:3081-01, SA156, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, SUSE-SU-2018:1847-1, USN-3519-1, VIGILANCE-VUL-22907.

Description of the vulnerability

The Apache Tomcat product offers a web service.

HTTP error pages may be customized. However, when the page content is provided by a static document instead of a servlet output, Tomcat allows to tamper with this source document.

An attacker can therefore trigger an HTTP error in Apache Tomcat, in order to corrupt the error page documents.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2017-7503

Red Hat JBoss EAP: external XML entity injection via javax.xml.transform.TransformerFactory

Synthesis of the vulnerability

An attacker can transmit malicious XML data via javax.xml.transform.TransformerFactory to Red Hat JBoss EAP, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: JBoss EAP by Red Hat.
Severity: 2/4.
Creation date: 19/05/2017.
Identifiers: 1451960, CVE-2017-7503, VIGILANCE-VUL-22769.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Red Hat JBoss EAP parser allows external entities.

An attacker can therefore transmit malicious XML data via javax.xml.transform.TransformerFactory to Red Hat JBoss EAP, in order to read a file, scan sites, or trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2017-6056

Apache Tomcat: infinite loop via AbstractInputBuffer.java

Synthesis of the vulnerability

An attacker can generate an infinite loop via AbstractInputBuffer.java of Apache Tomcat, in order to trigger a denial of service.
Impacted products: Tomcat, Debian, JBoss EAP by Red Hat, Ubuntu.
Severity: 3/4.
Creation date: 14/02/2017.
Identifiers: 57544, 60578, 851304, CVE-2017-6056, DLA-823-1, DLA-823-2, DSA-3787-1, DSA-3787-2, DSA-3788-1, DSA-3788-2, RHSA-2017:0517-01, RHSA-2017:0826-01, RHSA-2017:0827-01, RHSA-2017:0828-01, RHSA-2017:0829-01, USN-3204-1, VIGILANCE-VUL-21825.

Description of the vulnerability

The Apache Tomcat product has a JSP engine on HTTP 1.1.

However, the nextRequest() function of the java/org/apache/coyote/http11/AbstractInputBuffer.java file does not correctly manage a zero position.

An attacker can therefore generate an infinite loop via AbstractInputBuffer.java of Apache Tomcat, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2016-0762 CVE-2016-5018 CVE-2016-6794

Apache Tomcat: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache Tomcat.
Impacted products: Tomcat, Debian, Fedora, QRadar SIEM, Snap Creator Framework, openSUSE Leap, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 27/10/2016.
Identifiers: 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 1999671, bulletinoct2016, CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, DLA-728-1, DLA-729-1, DSA-3720-1, DSA-3721-1, FEDORA-2016-4094bd4ad6, FEDORA-2016-c1b01b9278, NTAP-20180605-0001, NTAP-20180607-0001, NTAP-20180607-0002, NTAP-20180614-0001, openSUSE-SU-2016:3129-1, openSUSE-SU-2016:3144-1, RHSA-2017:0455-01, RHSA-2017:0456-01, RHSA-2017:0457-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2247-01, SUSE-SU-2016:3079-1, SUSE-SU-2016:3081-1, SUSE-SU-2017:1632-1, SUSE-SU-2017:1660-1, USN-3177-1, USN-3177-2, VIGILANCE-VUL-20976.

Description of the vulnerability

Several vulnerabilities were announced in Apache Tomcat.

An attacker can bypass security features via SecurityManager, in order to escalate his privileges. [severity:2/4; CVE-2016-5018]

An attacker can bypass security features via Realm Timing, in order to obtain sensitive information. [severity:2/4; CVE-2016-0762]

An attacker can bypass security features via System Property, in order to obtain sensitive information. [severity:2/4; CVE-2016-6794]

An attacker can bypass security features via SecurityManager, in order to escalate his privileges. [severity:2/4; CVE-2016-6796]

An attacker can bypass security features via Global Resources, in order to obtain sensitive information. [severity:2/4; CVE-2016-6797]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-8610

OpenSSL: denial of service via SSL3_AL_WARNING

Synthesis of the vulnerability

An attacker can send SSL3_AL_WARNING packets to an SSLv3 application linked to OpenSSL, in order to trigger a denial of service.
Impacted products: OpenOffice, Debian, Fedora, FreeBSD, FreeRADIUS, hMailServer, HP Switch, AIX, IRAD, Security Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, Juniper ISG, Juniper J-Series, Junos OS, SSG, SRX-Series, Meinberg NTP Server, NetScreen Firewall, ScreenOS, OpenSSL, openSUSE Leap, Solaris, Palo Alto Firewall PA***, PAN-OS, pfSense, Pulse Connect Secure, RHEL, JBoss EAP by Red Hat, Shibboleth SP, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 24/10/2016.
Identifiers: 1996096, 2000095, 2003480, 2003620, 2003673, 2004940, 2009389, bulletinoct2016, CVE-2016-8610, DLA-814-1, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FreeBSD-SA-16:35.openssl, HPESBHF03897, JSA10808, JSA10809, JSA10810, JSA10811, JSA10813, JSA10814, JSA10816, JSA10817, JSA10818, JSA10820, JSA10821, JSA10822, JSA10825, openSUSE-SU-2017:0386-1, openSUSE-SU-2017:0487-1, PAN-SA-2017-0017, pfSense-SA-17_03.webgui, RHSA-2017:0286-01, RHSA-2017:0574-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA40886, SP-CAAAPUE, SPL-129207, SUSE-SU-2017:0304-1, SUSE-SU-2017:0348-1, SUSE-SU-2018:0112-1, USN-3181-1, USN-3183-1, USN-3183-2, VIGILANCE-VUL-20941.

Description of the vulnerability

The OpenSSL product implements the SSL version 3 protocol.

The SSL3_AL_WARNING message is used to send an alert of level Warning. However, when these packets are received during the handshake, the library consumes 100% of CPU.

An attacker can therefore send SSL3_AL_WARNING packets to an SSLv3 application linked to OpenSSL, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2016-4459

Apache mod_cluster: buffer overflow via JVMRoute

Synthesis of the vulnerability

An attacker can generate a buffer overflow via JVMRoute of Apache mod_cluster, in order to trigger a denial of service, and possibly to run code.
Impacted products: JBoss EAP by Red Hat.
Severity: 2/4.
Creation date: 13/10/2016.
Identifiers: 1341583, CVE-2016-4459, RHSA-2016:2054-01, RHSA-2016:2055-01, RHSA-2016:2056-01, VIGILANCE-VUL-20859.

Description of the vulnerability

The Apache mod_cluster product processes JVMRoute messages via mod_manager.

However, if the size of JVMRoute data is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow via JVMRoute of Apache mod_cluster, in order to trigger a denial of service, and possibly to run code.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2016-7046

JBoss Enterprise Application Platform: buffer overflow via Reverse Proxy

Synthesis of the vulnerability

An attacker can generate a buffer overflow via Reverse Proxy of JBoss Enterprise Application Platform, in order to trigger a denial of service.
Impacted products: RHEL, JBoss EAP by Red Hat.
Severity: 2/4.
Creation date: 04/10/2016.
Identifiers: 1376646, CVE-2016-7046, RHSA-2016:2640-01, RHSA-2016:2641-01, RHSA-2016:2642-01, RHSA-2016:2657-01, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, VIGILANCE-VUL-20757.

Description of the vulnerability

The JBoss Enterprise Application Platform product offers a web service.

However, if the size of data is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow via Reverse Proxy of JBoss Enterprise Application Platform, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-6302 CVE-2016-6303 CVE-2016-6304

OpenSSL: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Impacted products: SDS, SES, SNS, Mac OS X, Arkoon FAST360, Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeBSD, FreeRADIUS, hMailServer, HP Switch, AIX, DB2 UDB, IRAD, QRadar SIEM, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Copssh, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, MariaDB ~ precise, McAfee Email Gateway, ePO, MySQL Community, MySQL Enterprise, NetScreen Firewall, ScreenOS, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Solaris, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier, Percona Server, XtraDB Cluster, pfSense, Pulse Connect Secure, Pulse Secure Client, Pulse Secure SBR, Puppet, RHEL, JBoss EAP by Red Hat, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Grid Manager, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Nessus, Ubuntu, WindRiver Linux, VxWorks.
Severity: 3/4.
Creation date: 22/09/2016.
Identifiers: 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2000544, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, bulletinoct2016, CERTFR-2016-AVI-320, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpuapr2018, cpujan2017, cpujan2018, cpujul2017, cpuoct2017, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-16-050, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, HT207423, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, RHSA-2016:2802-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA132, SA40312, SB10171, SB10215, SOL54211024, SOL90492697, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, STORM-2016-005, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20678.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can create a memory over consumption via an OCSP request, in order to trigger a denial of service. [severity:3/4; CVE-2016-6304]

An attacker can make a process block itself via SSL_peek, in order to trigger a denial of service. [severity:2/4; CVE-2016-6305]

An attacker can generate a buffer overflow via MDC2_Update, in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2016-6303]

An attacker can generate a read only buffer overflow, in order to trigger a denial of service. [severity:1/4; CVE-2016-6302]

An attacker can generate a read only buffer overflow via the parsing of an X.509 certificate, in order to trigger a denial of service. [severity:1/4; CVE-2016-6306]

An attacker can make the server allocates a large amount of memory to process TLS packets. [severity:1/4; CVE-2016-6307]

An attacker can make the server allocates a large amount of memory to process DTLS packets. [severity:1/4; CVE-2016-6308]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-6345 CVE-2016-6346

JBoss RESTEasy: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of JBoss RESTEasy.
Impacted products: RESTEasy JBoss OpenSource, JBoss EAP by Red Hat.
Severity: 2/4.
Creation date: 08/09/2016.
Identifiers: 1372117, 1372120, CVE-2016-6345, CVE-2016-6346, RHSA-2017:0517-01, RHSA-2017:0826-01, RHSA-2017:0827-01, RHSA-2017:0828-01, RHSA-2017:0829-01, RHSA-2017:1675-01, RHSA-2017:1676-01, RHSA-2018:0002-01, RHSA-2018:0003-01, RHSA-2018:0004-01, RHSA-2018:0005-01, VIGILANCE-VUL-20541.

Description of the vulnerability

Several vulnerabilities were announced in JBoss RESTEasy.

An attacker can bypass security features via Async Jobs, in order to obtain sensitive information. [severity:2/4; 1372117, CVE-2016-6345]

An attacker can trigger a fatal error via GZIPInterceptor, in order to trigger a denial of service. [severity:2/4; 1372120, CVE-2016-6346]
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat JBoss EAP: