domingo, 1 de março de 2015

[Penetration Test] WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816



WildFly[1], formerly known as JBoss AS, or simply JBoss, is an application server authored by JBoss, now developed by Red Hat. WildFly is written in Java, and implements the Java Platform, Enterprise Edition (Java EE) specification. It runs on multiple platforms.

WildFly is free and open-source software, subject to the requirements of the GNU Lesser General Public License (LGPL), version 2.1.

Directory traversal[2] vulnerability in WildFly 8.1.0.Final allows remote attackers to read arbitrary files via a .. (dot dot) in the URI parameter in a render action to standalone/configuration/standalone.xml or any other configuration file.

The vendor has proveid patches that fix the flaws. Our advisory with more detailed information can be found at our website[3]. CVE mitre website[4].

[1] http://wildfly.org/
[2] https://www.owasp.org/index.php/Testing_Directory_traversal/file_include_(OTG-AUTHZ-001)
[3] https://www.conviso.com.br/advisories/CVE-2014-7816.txt
[4] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-7816

Posted previously in http://blog.conviso.com.br/2014/12/wildfly-8-jbossas-application-directory.html by the same author.

[Penetration Test] HP Operations Manager Perfd Environment Scanner


During a intrusion test conducted recently, I found a daemon called perfd ​​which is listening on port 5227. According to IANA[1], the daemon is "HP System Performance Metric Service"[2] service.

To get the latest update of me and my works

>> <<