exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2010-0738

Status Candidate

Overview

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

Related Files

HP Security Bulletin HPSBMU02894
Posted Jul 25, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02894 - Potential security vulnerabilities have been identified with HP Network Node Manager I (NNMi) on HP-UX, Linux, Solaris, and Windows. These vulnerabilities could be remotely exploited resulting in a Denial of Service (DoS) or unauthorized access or execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows, solaris, hpux
advisories | CVE-2007-5333, CVE-2009-3554, CVE-2010-0738, CVE-2010-1428, CVE-2010-1429, CVE-2011-1483, CVE-2011-2196, CVE-2011-4605, CVE-2011-4858, CVE-2012-3546
SHA-256 | eacd5c85848fe70e3b06674a93d19b20ce220a3b1047e565ac14544a22f6e877
Security Notice For CA ControlMinder - Update
Posted Apr 30, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0738
SHA-256 | 64660f12f6dffd5ead18f692e26e016ebc3bd54a5bb79b9a73ea69407b74de6f
Security Notice For CA ControlMinder
Posted Feb 13, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0738
SHA-256 | c191161ea9ede921182bd50c60a26d485e8a24e091a255c3ef2ebc60b2e63446
HP Security Bulletin HPSBMU02714 SSRT100244 2
Posted Nov 15, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02714 SSRT100244 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.

tags | advisory
systems | linux, windows, solaris, hpux
advisories | CVE-2010-0738
SHA-256 | b86f70805db0f215bc834ef5a14c332e7f24719762c90556b3db44cff08ebdb2
HP Security Bulletin HPSBMU02714 SSRT100244
Posted Oct 26, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, hpux
advisories | CVE-2010-0738
SHA-256 | df1fb5dc4f370f57e8fb63766b14aedc68b391941b231bfb7e693e68ee16c5c8
JBoss addURL Misconfiguration Attack
Posted Oct 3, 2011
Authored by y0ug

This is a proof of concept exploit that leverages the addUrl method in the DeploymentScanner module on an exposed JBoss JMX console.

tags | exploit, proof of concept
advisories | CVE-2010-0738
SHA-256 | 3b14a4e6aa14ccbdd211ed14a974885f5bc04e420e7ba32e5ebbbb4652200efb
JBoss JMX Console Beanshell Deployer WAR Upload And Deployment
Posted Jun 24, 2010
Authored by Patrick Hof, jduck | Site metasploit.com

This Metasploit module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer's createScriptDeployment() method.

tags | exploit
advisories | CVE-2010-0738
SHA-256 | 8bc89c8613979d44be9747d0a887fce9f0459d5d6182d9efc465b994ee91205b
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close