Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform

 

Systems Affected


JBoss Enterprise Application Platform 6 EL6
JBoss Enterprise Application Platform 6.2 EL6

Component Affected
Apache CXF versions 2.6.x prior to 2.6.14
Apache CXF versions 2.7.x prior to 2.7.11

Threat Level


Medium


Overview


Multiple vulnerabilities have been reported in the Apache CXF implementation that provides core enterprise service bus capabilities in Red Hat JBoss Enterprise Application Platform. These could allow a remote attacker to gain unauthorized access, cause a denial of service, view arbitrary files, and retrieve the username and password used by the target application.


Description


1. Apache CXF SAML Tokens Validation Security Bypass Vulnerability (CVE-2014-0034)
This vulnerability is caused by improper validation of SAML tokens by the SecurityTokenService (STS). A remote attacker could exploit it by providing a specially crafted SAML token and gain access to an application that validates SAML tokens using the STS, if caching is enabled.

2. Apache CXF UsernameToken Information Disclosure Vulnerability (CVE-2014-0035)
This vulnerability is caused by the use of a Symmetric EncryptBeforeSigning password policy, which causes UsernameTokens to be transmitted in plaintext. A remote attacker could exploit this vulnerability to obtain the username and password used by the application.

3. Apache CXF Remote Denial of Service Vulnerability (CVE-2014-0109)
This vulnerability is caused by improper error messages created for POST requests. A remote attacker could exploit it by sending a specially crafted request that consumes a disproportionate amount of memory, thereby triggering an Out of Memory (OOM) error.

4. Apache CXF Denial of Service Vulnerability (CVE-2014-0110)
This vulnerability is caused by improper validation of large SOAP messages by Apache CXF, which are stored to a temporary file in the /tmp directory. A remote attacker could exploit it by sending a specially crafted SOAP message that consumes excessive disk space, causing a denial of service.
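As an added illustration of the general defence against the disk-exhaustion condition described in item 4 (this is example code written for this advisory, not code from Apache CXF or Red Hat), the following Java spools a request body to a temporary file only up to a configured byte limit and rejects anything larger before it can consume further disk space. The class name, the method names and the 1 MiB limit are this example's own assumptions, not settings from the products listed above.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example: spool an incoming SOAP body to a temporary file, but refuse
// to write more than MAX_BODY_BYTES. The limit is an illustrative value, not a
// setting taken from Apache CXF or JBoss EAP.
public final class BoundedSpooler {

    // Illustrative cap; a real deployment sizes this to the largest legitimate message.
    static final long MAX_BODY_BYTES = 1L * 1024 * 1024;

    // Thrown when the request exceeds the cap; a caller would map this to an
    // HTTP 413 response instead of reading any further.
    public static final class RequestTooLargeException extends IOException {
        RequestTooLargeException(long limit) {
            super("request body exceeds " + limit + " bytes");
        }
    }

    // Copies 'in' to a fresh temporary file; deletes the file again if the cap is hit
    // or any other I/O error occurs, so no partial file is left behind in /tmp.
    public static Path spool(InputStream in, long maxBytes) throws IOException {
        Path tmp = Files.createTempFile("soap-", ".xml");
        long written = 0;
        byte[] buf = new byte[8192];
        try (OutputStream out = Files.newOutputStream(tmp)) {
            int n;
            while ((n = in.read(buf)) != -1) {
                written += n;
                if (written > maxBytes) {
                    throw new RequestTooLargeException(maxBytes);
                }
                out.write(buf, 0, n);
            }
        } catch (IOException e) {
            Files.deleteIfExists(tmp);
            throw e;
        }
        return tmp;
    }

    public static void main(String[] args) throws IOException {
        // Constructed inputs: a small message and one that is one byte over the cap.
        byte[] small = "<soap:Envelope/>".getBytes(StandardCharsets.UTF_8);
        byte[] huge = new byte[(int) MAX_BODY_BYTES + 1];

        Path p = spool(new ByteArrayInputStream(small), MAX_BODY_BYTES);
        System.out.println("spooled " + Files.size(p) + " bytes to " + p);
        Files.deleteIfExists(p);

        try {
            spool(new ByteArrayInputStream(huge), MAX_BODY_BYTES);
            System.out.println("UNEXPECTED: oversized body accepted");
        } catch (RequestTooLargeException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The point a practitioner would take from this is that the size check has to happen while the body is being read, before the bytes reach disk; checking a Content-Length header alone is not enough, because the header is attacker-controlled and may be absent for chunked requests. The vendor patch referenced below is the actual fix; this wrapper only shows the shape of the control.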

5. JBoss Enterprise Application Platform XML External Entity Information Disclosure Vulnerability (CVE-2014-3481)
This vulnerability is caused by external entity expansion being enabled in the Java API for RESTful Web Services (JAX-RS) implementation. A remote attacker could exploit it to view the contents of arbitrary files accessible to the target user.


Impact



Solution / Workarounds


Apply the appropriate fix/patch as mentioned by the vendor:
https://rhn.redhat.com/errata/RHSA-2014-0799.html

Red Hat
https://rhn.redhat.com/errata/RHSA-2014-0799.html


References


http://www.cert-in.org.in/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.