First published: Thu May 17 2018(Updated: )
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.<br>Security Fix(es):<br><li> jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation (CVE-2016-8656)</li> <li> jboss: jbossas writable config files allow privilege escalation (CVE-2016-8657)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/jbossas | <5.2.0-23.ep5.el6 | 5.2.0-23.ep5.el6 |
redhat/jbossas | <5.2.0-23.ep5.el6 | 5.2.0-23.ep5.el6 |
redhat/jbossas-client | <5.2.0-23.ep5.el6 | 5.2.0-23.ep5.el6 |
redhat/jbossas-messaging | <5.2.0-23.ep5.el6 | 5.2.0-23.ep5.el6 |
redhat/jbossas-ws-native | <5.2.0-23.ep5.el6 | 5.2.0-23.ep5.el6 |
redhat/jbossas | <5.2.0-23.ep5.el5 | 5.2.0-23.ep5.el5 |
redhat/jbossas | <5.2.0-23.ep5.el5 | 5.2.0-23.ep5.el5 |
redhat/jbossas-client | <5.2.0-23.ep5.el5 | 5.2.0-23.ep5.el5 |
redhat/jbossas-messaging | <5.2.0-23.ep5.el5 | 5.2.0-23.ep5.el5 |
redhat/jbossas-ws-native | <5.2.0-23.ep5.el5 | 5.2.0-23.ep5.el5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.