JBoss 4.2 is too old and outdated.
However it seems that you might be affected with the : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0738
So check your "jmx-console.war/WEB-INF/web.xml" file... if you find any http-method then remove them. (first delete all the unwanted files which are created inside your jboss/bin and then fix the jmx-console.war)
Thank you for responding to this issue.
I have removed jmx-console.war, jbossws.sar and bsh-deployer.xml files. Do I still need to do the cnofigurations mentioned by you?
No, If you have already removed them then it can not cause attacks. But you need to make sure that the malicious files, which got created earlier are deleted.