RHSA-2017:3458: Important: eap7-jboss-ec2-eap security update
First published: Wed Dec 13 2017(Updated: )
The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).<br>With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.1.<br>Refer to the JBoss Enterprise Application Platform 7.1 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.<br>Security Fix(es):<br><li> A Denial of Service can be caused when a long request is sent to EAP 7. (CVE-2016-7046)</li> <li> The jboss init script unsafe file handling resulting in local privilege escalation. (CVE-2016-8656)</li> <li> A deserialization vulnerability via readValue method of ObjectMapper which allows arbitrary code execution. (CVE-2017-7525) </li> <li> JMSObjectMessage deserializes potentially malicious objects allowing Remote Code Execution. (CVE-2016-4978)</li> <li> Undertow is vulnerable to the injection of arbitrary HTTP headers, and also response splitting. (CVE-2016-4993)</li> <li> The domain controller will not propagate its administrative RBAC configuration to some slaves leading to escalate their privileges. (CVE-2016-5406)</li> <li> Internal IP address disclosed on redirect when request header Host field is not set. (CVE-2016-6311)</li> <li> Potential EAP resource starvation DOS attack via GET requests for server log files. (CVE-2016-8627)</li> <li> Inefficient Header Cache could cause denial of service. (CVE-2016-9589)</li> <li> The log file viewer allows arbitrary file read to authenticated user via path traversal. (CVE-2017-2595)</li> <li> HTTP Request smuggling vulnerability due to permitting invalid characters in HTTP requests. (CVE-2017-2666)</li> <li> Websocket non clean close can cause IO thread to get stuck in a loop. (CVE-2017-2670)</li> <li> Privilege escalation with security manager's reflective permissions when granted to Hibernate Validator. (CVE-2017-7536)</li> <li> Potential http request smuggling as Undertow parses the http headers with unusual whitespaces. (CVE-2017-7559)</li> <li> Properties based files of the management and the application realm are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)</li> <li> RBAC configuration allows users with a Monitor role to view the sensitive information. (CVE-2016-7061)</li> <li> Improper whitespace parsing leading to potential HTTP request smuggling. (CVE-2017-12165)</li> Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525; Calum Hutton (NCC Group) and Mikhail Egorov (Odin) for reporting CVE-2016-4993; Luca Bueti for reporting CVE-2016-6311; Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589; and Gregory Ramsperger and Ryan Moak for reporting CVE-2017-2670. The CVE-2016-5406 issue was discovered by Tomaz Cerar (Red Hat); the CVE-2016-8627 issue was discovered by Darran Lofthouse (Red Hat) and Brian Stansberry (Red Hat); the CVE-2017-2666 issue was discovered by Radim Hatlapatka (Red Hat); the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat); the CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat). Upstream acknowledges WildFly as the original reporter of CVE-2016-6311.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/eap7-jboss-ec2-eap | <7.1.0-5.GA_redhat_5.ep7.el7 | 7.1.0-5.GA_redhat_5.ep7.el7 |
| redhat/eap7-jboss-ec2-eap | <7.1.0-5.GA_redhat_5.ep7.el7 | 7.1.0-5.GA_redhat_5.ep7.el7 |
| redhat/eap7-jboss-ec2-eap-samples | <7.1.0-5.GA_redhat_5.ep7.el7 | 7.1.0-5.GA_redhat_5.ep7.el7 |
| redhat/eap7-jboss-ec2-eap | <7.1.0-5.GA_redhat_5.ep7.el6 | 7.1.0-5.GA_redhat_5.ep7.el6 |
| redhat/eap7-jboss-ec2-eap | <7.1.0-5.GA_redhat_5.ep7.el6 | 7.1.0-5.GA_redhat_5.ep7.el6 |
| redhat/eap7-jboss-ec2-eap-samples | <7.1.0-5.GA_redhat_5.ep7.el6 | 7.1.0-5.GA_redhat_5.ep7.el6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1344321
- https://bugzilla.redhat.com/show_bug.cgi?id=1359014
- https://bugzilla.redhat.com/show_bug.cgi?id=1362735
- https://bugzilla.redhat.com/show_bug.cgi?id=1376646
- https://bugzilla.redhat.com/show_bug.cgi?id=1379207
- https://bugzilla.redhat.com/show_bug.cgi?id=1380852
- https://bugzilla.redhat.com/show_bug.cgi?id=1388240
- https://bugzilla.redhat.com/show_bug.cgi?id=1400344
- https://bugzilla.redhat.com/show_bug.cgi?id=1404782
- https://bugzilla.redhat.com/show_bug.cgi?id=1413028
- https://bugzilla.redhat.com/show_bug.cgi?id=1436163
- https://bugzilla.redhat.com/show_bug.cgi?id=1438885
- https://bugzilla.redhat.com/show_bug.cgi?id=1462702
- https://bugzilla.redhat.com/show_bug.cgi?id=1465573
- https://bugzilla.redhat.com/show_bug.cgi?id=1481665
- https://bugzilla.redhat.com/show_bug.cgi?id=1490301
- https://bugzilla.redhat.com/show_bug.cgi?id=1491612
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/
- https://access.redhat.com/errata/RHSA-2017:3458 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2017:3458
- agent/software-canonical-lookup
- package-manager/redhat