SB2017060710 - Red Hat update for eap7-jboss-ec2-eap

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2016-9606)

The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists due to improper parsing of user-supplied requests. A remote attacker can submit a specially crafted request, which when parsed by the YamlProvider feature of the affected application allows to execute arbitrary code with the permissions of the application using RESTEasy.

Successful exploitation of the vulnerability may result in full system compromise.

2) Path traversal (CVE-ID: CVE-2017-2595)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.

The weakness exists due to path traversal flaw in the log file viewer. A remote attacker can send specially crafted data and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

3) HTTP response splitting (CVE-ID: CVE-2017-2666)

The vulnerability allows a remote attacker to perform a phishing attack

The vulnerability exists due to an error when processing headers in HTTP requests in Undertow. A remote attacker can create a specially crafted HTTP request, split the HTTP response from server and poison the web cache. 

Successful exploitation of the vulnerability may allow an attacker to poison web cache and perform phishing or XSS attacks against website visitors.

4) Denial of service (CVE-ID: CVE-2017-2670)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when closing TCP sockets in Undertow. A remote attacker can create and close multiple TCP connections, which my result in infinite loop and server crash.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2017:1412