1 Reply Latest reply on Nov 4, 2013 8:48 AM by Tomaz Cerar

    JBoss AS 4.2.3.GA has some security vulnerability. Need help in fixing it.

    mkrishna143 Newbie



      This issue happened on one of our production servers, which has a JBoss 4.2.3.GA server running.

      Some outside systems have deployed "a.war" in the <JBOSS_HOME>/server/default/work/jboss.web/localhost/ directory.

      This war file keeps on creating/flooding several requests to external sites.

      Using kill command, those processes have been killed and this "a.war" folder has been removed.

      When we searched through forums, it was mentioned that when jmx-console is opened without any password or with the default password, anyone can deploy a web application.

      However, for security reasons, we have already removed the jmx-console and web-console war folders, to prevent external resources from deploying anything on our server.

      The firewall will only grant access to port 80 and not any other ports.

      What could be the reason for this issue and how should we fix this issue?

      Your quick assistance will help us solve this issue.
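
A check an administrator could run for the situation described in this post, as an added example that is not part of the original post or of JBoss: it lists entries under work/jboss.web/localhost that are not on an operator-maintained allowlist and reports any jmx-console.war or web-console.war still present under deploy/. The function names, the allowlist file and the sample directory tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a JBoss AS 4.2.x "default"
# server for unexpected web contexts and leftover management consoles.

# Print entries under work/jboss.web/localhost that are not on the allowlist.
# $1 = JBOSS_HOME, $2 = allowlist file, one expected entry name per line
# (assumption: the operator maintains this file).
unexpected_contexts() {
    work="$1/server/default/work/jboss.web/localhost"
    [ -d "$work" ] || return 0
    for entry in "$work"/*; do
        [ -e "$entry" ] || continue
        name=$(basename "$entry")
        # -x whole-line match, -F literal string, -q quiet
        grep -qxF -- "$name" "$2" || printf '%s\n' "$name"
    done
}

# Print any management console archives still present anywhere under deploy/.
remaining_consoles() {
    deploy="$1/server/default/deploy"
    [ -d "$deploy" ] || return 0
    find "$deploy" \( -name 'jmx-console.war' -o -name 'web-console.war' \) -print
}

# Constructed sample tree (not real server data) so the script runs offline.
build_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/server/default/work/jboss.web/localhost/myapp" \
             "$root/server/default/work/jboss.web/localhost/a.war" \
             "$root/server/default/deploy/management/console-mgr.sar/web-console.war"
    printf 'myapp\n' > "$root/allowlist.txt"
    printf '%s\n' "$root"
}

# Report findings; exit status is 0 only when nothing was found.
audit() {
    bad=$(unexpected_contexts "$1" "$2")
    consoles=$(remaining_consoles "$1")
    [ -n "$bad" ] && printf '%s\n' "$bad" | sed 's/^/UNEXPECTED CONTEXT: /'
    [ -n "$consoles" ] && printf '%s\n' "$consoles" | sed 's/^/CONSOLE PRESENT: /'
    [ -z "$bad$consoles" ]
}

sample=$(build_sample_tree)
audit "$sample" "$sample/allowlist.txt" || echo "audit found issues"
rm -rf "$sample"
```

On a real server, call `audit` with the actual JBOSS_HOME and an allowlist of the applications you deployed yourself.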