geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Bohn (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-4597) Validate Web Admin Console input - address admin console security vulnerabilities
Date Tue, 31 Mar 2009 15:39:50 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4597?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Joe Bohn updated GERONIMO-4597:
-------------------------------

    Description: 
This JIRA addresses the following security vulnerabilities in the web admin console:

CVE-2008-5518: Apache Geronimo web administration console directory traversal vulnerabilities.
A vulnerability was found in several portlets including Services/Repository, Embedded DB/DB
Manager, and Security/Keystores when running the Apache Geronimo server on Windows. This issue
may allow a remote attacker to upload any file in any directory.  This affects all full JavaEE
Geronimo assemblies or other distributions which include the administration web console up
to and including Apache Geronimo 2.1.3. An alternative workaround (if you choose to not upgrade
to Apache Geronimo 2.1.4) would be to stop or undeploy the administration web console application
in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com)
for responsibly reporting this issue and assisting us with validating  our fixes.

CVE-2009-0038: Apache Geronimo web administration console XSS vulnerabilities
Various linked and stored cross-site scripting (XSS) vulnerabilities were found in the Apache
Geronimo administrative console and related utilities.  Using this vulnerability an attacker
can steal an administrator's cookie and then authenticate as administrator or perform certain
administrative actions. For example, a user can inject XSS in some URLs or in several input
fields in various portlets.  This affects all full JavaEE Geronimo assemblies or other distributions
which include the administration web console up to and including Apache Geronimo 2.1.3.  An
alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4) would be to
stop or undeploy the administration web console application in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com)
and Marc Schoenefeld (Red Hat Security Response Team) for responsibly reporting this issue
and assisting us with validating our fixes.


CVE-2009-0039: Apache Geronimo web administration console XSRF vulnerabilities
Various cross-site request forgery (XSRF or CSRF) vulnerabilities were identified in the Apache
Geronimo web administration console. Exploiting these issues may allow a remote attacker to
perform certain administrative actions, e.g. change web administration password, upload applications,
etc... using predictable URL requests once the user has authenticated and obtained a valid
session with the server.  This affects all full JavaEE Geronimo assemblies or other distributions
which include the administration web console up to and including Apache Geronimo 2.1.3.  An
alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4) would be to
stop or undeploy the administration web console application in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com)
for responsibly reporting this issue and assisting us with validating our fixes. 



It corrects the issues with the addition of directory checks and a servlet filter to check
for XSS and XSRF vulnerabilities
        Summary: Validate Web Admin Console input - address admin console security vulnerabilities
 (was: Validate Web Admin Console input)

> Validate Web Admin Console input - address admin console security vulnerabilities
> ---------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4597
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4597
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: console
>    Affects Versions: 2.1, 2.1.1, 2.1.2, 2.1.3
>            Reporter: Joe Bohn
>            Assignee: Joe Bohn
>             Fix For: 2.1.4, 2.1.5, 2.2
>
>
> This JIRA addresses the following security vulnerabilities in the web admin console:
> CVE-2008-5518: Apache Geronimo web administration console directory traversal vulnerabilities.
> A vulnerability was found in several portlets including Services/Repository, Embedded
DB/DB Manager, and Security/Keystores when running the Apache Geronimo server on Windows.
This issue may allow a remote attacker to upload any file in any directory.  This affects
all full JavaEE Geronimo assemblies or other distributions which include the administration
web console up to and including Apache Geronimo 2.1.3. An alternative workaround (if you choose
to not upgrade to Apache Geronimo 2.1.4) would be to stop or undeploy the administration web
console application in the server.
> Credit: The Apache Geronimo project would like to thank Digital Security Research Group
(dsecrg.com) for responsibly reporting this issue and assisting us with validating  our fixes.
> CVE-2009-0038: Apache Geronimo web administration console XSS vulnerabilities
> Various linked and stored cross-site scripting (XSS) vulnerabilities were found in the
Apache Geronimo administrative console and related utilities.  Using this vulnerability an
attacker can steal an administrator's cookie and then authenticate as administrator or perform
certain administrative actions. For example, a user can inject XSS in some URLs or in several
input fields in various portlets.  This affects all full JavaEE Geronimo assemblies or other
distributions which include the administration web console up to and including Apache Geronimo
2.1.3.  An alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4)
would be to stop or undeploy the administration web console application in the server.
> Credit: The Apache Geronimo project would like to thank Digital Security Research Group
(dsecrg.com) and Marc Schoenefeld (Red Hat Security Response Team) for responsibly reporting
this issue and assisting us with validating our fixes.
> CVE-2009-0039: Apache Geronimo web administration console XSRF vulnerabilities
> Various cross-site request forgery (XSRF or CSRF) vulnerabilities were identified in
the Apache Geronimo web administration console. Exploiting these issues may allow a remote
attacker to perform certain administrative actions, e.g. change web administration password,
upload applications, etc... using predictable URL requests once the user has authenticated
and obtained a valid session with the server.  This affects all full JavaEE Geronimo assemblies
or other distributions which include the administration web console up to and including Apache
Geronimo 2.1.3.  An alternative workaround (if you choose to not upgrade to Apache Geronimo
2.1.4) would be to stop or undeploy the administration web console application in the server.
> Credit: The Apache Geronimo project would like to thank Digital Security Research Group
(dsecrg.com) for responsibly reporting this issue and assisting us with validating our fixes.

> It corrects the issues with the addition of directory checks and a servlet filter to
check for XSS and XSRF vulnerabilities

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message