Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts (i.e. on Red Hat Enterprise Linux 6 and earlier), the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Enterprise Application Platform 权限许可和访问控制问题漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。 Red Hat JBoss EAP中存在权限许可和访问控制漏洞,该漏洞源于EAP将错误的权限用于/etc/sysconfig/jbossas配置文件。本地攻击者可利用该漏洞获取提升的权限。
CVSS Information
N/A
Vulnerability Type
N/A