Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI Over HTTP) Marshalled Object Remote Code Execution Network Vulnerability

Summary

Apache Tomcat/JBoss Application Server is prone to multiple remote code- execution vulnerabilities.

Impact

Successfully exploiting these issues may allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Solution

Ask the Vendor for an update.

Insight

The specific flaw exists within the exposed EJBInvokerServlet and JMXInvokerServlet. An unauthenticated attacker can post a marshalled object allowing them to install an arbitrary application on the target server.

Affected

Apache Tomcat/JBoss Application Server

Detection

Determine if EJBInvokerServlet/JMXInvokerServlet accessible without authentication.

References

http://www.securityfocus.com/bid/62854

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
AjaxPortal 'di.php' File Inclusion Vulnerability
Allegro RomPager `Misfortune Cookie` Vulnerability
Assesi 'bg' Parameter SQL Injection vulnerability
Admin News Tools Multiple Vulnerabilities

Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution

Take action and discover your vulnerabilities