Showing 1 - 3 of 3

CVE-2013-4213

Status Candidate

Overview

Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client.

Related Files

Red Hat Security Advisory 2013-1437-01: Posted Oct 17, 2013; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2013-1437-01 - This Red Hat JBoss Portal 6.1.0 release serves as a replacement for 6.0.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2012-4431, CVE-2012-4529, CVE-2012-4572, CVE-2012-5575, CVE-2013-1921, CVE-2013-2067, CVE-2013-2102, CVE-2013-2160, CVE-2013-2172, CVE-2013-4112, CVE-2013-4128, CVE-2013-4213; SHA-256 | c561772e782ab85b102432049507a7b5cc958b68879cf92daa7410179afdf208; Download | Favorite | View

Red Hat Security Advisory 2013-1151-01: Posted Aug 12, 2013; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2013-1151-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a remoting client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user. A flaw was discovered in the way connections for remote EJB invocations via the EJB client API were cached on the server. After a user has successfully logged in, a remote attacker could use an EJB client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user.; tags | advisory, java, remote; systems | linux, redhat; advisories | CVE-2013-4128, CVE-2013-4213; SHA-256 | 5e6d958816f76a7dc58ecb35d6843de010eada38c87140b78c803ed75e597feb; Download | Favorite | View

Red Hat Security Advisory 2013-1152-01: Posted Aug 12, 2013; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2013-1152-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a remoting client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user. A flaw was discovered in the way connections for remote EJB invocations via the EJB client API were cached on the server. After a user has successfully logged in, a remote attacker could use an EJB client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user.; tags | advisory, java, remote; systems | linux, redhat; advisories | CVE-2013-4128, CVE-2013-4213; SHA-256 | 3129717156814de23bcb00f945fb1a5cf0db456762e86140e961bb07bf3ce419; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
Ubuntu 82 files
Gentoo 24 files
Debian 20 files
Google Security Research 17 files
Mirabbas Agalarov 16 files
CraCkEr 11 files
Ivan Fratric 8 files
Ahmet Umit Bayram 7 files
nu11secur1ty 7 files

File Archives

Systems

AIX (428)
Apple (1,970)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,748)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,312)
HPUX (879)
iOS (342)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,734)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,304)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,605)
UNIX (9,232)
UnixWare (186)
Windows (6,555)
Other

CVE-2013-4213

Overview

Related Files

File Archive:

May 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems