The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of JBoss AS 5: password reading via twiddle.sh

Synthesis of the vulnerability 

When the twiddle.sh script is used, a local attacker can use the ps command, in order to read the password.
Impacted products: JBoss AS OpenSource, RHEL, JBoss EAP by Red Hat.
Severity of this bulletin: 1/4.
Creation date: 23/07/2012.
References of this threat: BID-54631, CVE-2009-5066, JBPAPP-3391, RHSA-2013:0191-01, RHSA-2013:0192-01, RHSA-2013:0193-01, RHSA-2013:0194-01, RHSA-2013:0195-01, RHSA-2013:0196-01, RHSA-2013:0197-01, RHSA-2013:0198-01, RHSA-2013:0221-01, RHSA-2013:0533-01, VIGILANCE-VUL-11787.

Description of the vulnerability 

The twiddle.sh script, which is provided with JBoss Application Server version 5, is used to connect to a JMX server. It uses twiddle.jar.

However, the login/password has to be provided on the command line. For example:
  ./twiddle.sh --user=MyLogin --password=MyPassword ...

When the twiddle.sh script is used, a local attacker can therefore use the ps command, in order to read the password.
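The bulletin's point is that anything passed as a command-line argument is readable by every local user through `ps` (or `/proc/<pid>/cmdline`), and twiddle.sh hands its arguments straight on to the java process it starts, so the secret shows up twice. The following audit helper is an added example written for this page; it is not part of the bulletin or of JBoss. It takes `ps -eo pid,args` style output on stdin, reports every process whose command line carries a `--password=` argument, and masks the value so the report itself does not leak the secret. The sample process listing is constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the Vigil@nce bulletin or the JBoss project):
# report processes that expose a password on their command line.
# Input: lines in the format of `ps -eo pid,args`, one process per line.
# Output: "<pid> <command>" for each hit, with the password value masked.

# Constructed sample listing. The second line mirrors what twiddle.sh does in
# practice: it launches java with the same arguments, so the java process
# shows the password too.
CONSTRUCTED_PS_OUTPUT='  PID COMMAND
 1234 /bin/sh ./twiddle.sh --user=MyLogin --password=MyPassword get jboss.system:type=Server
 1235 java -cp /opt/jboss/bin/twiddle.jar --user=MyLogin --password=MyPassword get jboss.system:type=Server
 1236 sshd: admin [priv]
 1237 /usr/bin/vim /etc/hosts'

# Print only the lines that carry --password=VALUE, replacing VALUE with
# asterisks. [^[:space:]]+ stops at the next argument boundary.
audit_cmdline_passwords() {
    sed -n -E 's/(--password=)[^[:space:]]+/\1********/p'
}

# Number of exposed processes, convenient as a monitoring check
# (non-zero means someone is running a tool with a password argument).
count_cmdline_passwords() {
    audit_cmdline_passwords | wc -l | tr -d ' '
}

# Demonstration on the constructed listing. On a real host the same functions
# are fed from the live process table:  ps -eo pid,args | audit_cmdline_passwords
printf '%s\n' "$CONSTRUCTED_PS_OUTPUT" | audit_cmdline_passwords
```

On the constructed listing both the shell process and the java process are reported, each with `--password=********`; the unrelated processes are not. Run against a live process table it finds any tool, not only twiddle.sh, that is being invoked with a password argument, which is exactly what a local user on the same host could read.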

This cybersecurity announcement impacts software or systems such as JBoss AS OpenSource, RHEL, JBoss EAP by Red Hat.

Our Vigil@nce team determined that the severity of this threat alert is low.

Trust level: confirmed by the editor. Attack origin: user shell.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level ability can exploit this computer weakness.

Solutions for this threat 

JBoss AS 5: patch for twiddle.sh.
A patch allows the password to be read from stdin. It is available in information sources.

JBoss Enterprise 5.2.0: update.
An update is available in information sources.

JBoss Enterprise BRMS Platform: version 5.3.1.
The version 5.3.1 is fixed:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms&downloadType=distributions

JBoss Enterprise SOA Platform: version 5.3.1.
The version 5.3.1 is fixed:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=soaplatform&downloadType=distributions

Computer vulnerabilities tracking service 

Vigil@nce provides network vulnerability patches. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.