Otkriven je sigurnosni propust programskih paketa Spring Framework i Spring Security za JBoss Enterprise SOA Platform. Taj se propust može iskoristiti za zaobilaženje sigurnosnih provjera i pokretanje proizvoljnog koda na sustavu.
Paket:
JBoss Enterprise SOA Platform 5.x
Operacijski sustavi:
Microsoft Windows Server 2003, Microsoft Windows Server 2008, Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, Sun Solaris 9, Sun Solaris 10
Kritičnost:
5
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
proizvoljno izvršavanje programskog koda
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-2894
Izvorni ID preporuke:
RHSA-2011:1334-01
Izvor:
Red Hat
Problem:
Postoje nedostaci u načinu na koji Spring Framework 3 upravlja deserijalizacijom određenih Java objekata. Napadač koji upravlja tokom podataka može zaobići sigurnosna ograničenja.
Posljedica:
Napadač može iskoristiti posebno izrađeni Java objekt za pokretanje proizvoljnog koda s ovlastima procesa JBoss Application Server.
Rješenje:
Preporuča se instalacija nadogradnje te ponovna izgradnja postojećih aplikacija korištenjem novih datoteka.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: JBoss Enterprise SOA Platform 5.1.0 security
update
Advisory ID: RHSA-2011:1334-01
Product: JBoss Enterprise Middleware
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1334.html
Issue date: 2011-09-22
CVE Names: CVE-2011-2894
=====================================================================
1. Summary:
Updated Spring Framework 3 files for JBoss Enterprise SOA Platform 5.1.0
that fix multiple security issues are now available from the Red Hat
Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
2. Description:
JBoss Enterprise SOA Platform is the next-generation ESB and business
process automation infrastructure. JBoss Enterprise SOA Platform allows IT
to leverage existing (MoM and EAI), modern (SOA and BPM-Rules), and future
(EDA and CEP) integration methodologies to dramatically improve business
process execution speed and quality.
Multiple flaws were found in the way Spring Framework 3 deserialized
certain Java objects. If an attacker were able to control the stream from
which an application with the Spring Framework 3 AOP in its class-path was
deserializing objects, they could use these flaws to execute arbitrary code
with the privileges of the JBoss Application Server process via a
specially-crafted, serialized Java object. (CVE-2011-2894)
Note: JBoss Enterprise SOA Platform does not expose applications that
deserialize objects from an untrusted source by default. These flaws would
affect applications configured to trust a malicious source, for example,
if the messaging service was configured to look up a remote messaging
queue, and an attacker had control of that queue.
All users of JBoss Enterprise SOA Platform 5.1.0 as provided from the Red
Hat Customer Portal are advised to install this update. Refer to the
Solution section for information about installing the update.
3. Solution:
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing JBoss Enterprise SOA Platform installation (including its
databases, applications, configuration files, and so on).
If you have created custom applications that are packaged with a copy of
the Spring Framework 3 library, those applications must be rebuilt with the
Spring Framework 3 files provided by this update.
Note that it is recommended to halt the JBoss Enterprise SOA Platform
server by stopping the JBoss Application Server process before installing
this update, and then after installing the update, restart the JBoss
Enterprise SOA Platform server by starting the JBoss Application Server
process.
4. Bugs fixed (http://bugzilla.redhat.com/):
737611 - CVE-2011-2894 Spring Framework, Spring Security: Chosen commands
execution on the server (Framework) or authentication token bypass (Security) by
objects de-serialization
5. References:
https://www.redhat.com/security/data/cve/CVE-2011-2894.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=soaplatform&downloadType=securityPatches&version=5.1.0+GA
6. Contact:
The Red Hat security contact is <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOe2u0XlSAg2UNWIIRAko1AJ9jCnICBuYt0Ou2XIybJd3dHE/axACfQe48
rPSltdXnEliw5kYHw+eukDg=
=b+0C
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://www.redhat.com/mailman/listinfo/rhsa-announce
Posljednje sigurnosne preporuke