CVE-2006-5750 Information
Description
Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files and possibly execute arbitrary code via unspecified vectors related to the console manager.
Reference
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01390402 http://jira.jboss.com/jira/browse/ASPATCH-126 http://jira.jboss.com/jira/browse/JBAS-3861 http://secunia.com/advisories/23095 http://secunia.com/advisories/23984 http://secunia.com/advisories/24104 http://secunia.com/advisories/29726 http://securitytracker.com/id?1017289 http://www.novell.com/linux/security/advisories/2007_02_sr.html http://www.osvdb.org/30767 http://www.redhat.com/support/errata/RHSA-2006-0743.html http://www.securityfocus.com/archive/1/452830/100/0/threaded http://www.securityfocus.com/archive/1/452862/100/100/threaded http://www.securityfocus.com/bid/21219 http://www.vupen.com/english/advisories/2006/4724 http://www.vupen.com/english/advisories/2006/4726 http://www.vupen.com/english/advisories/2007/0554 http://www.vupen.com/english/advisories/2008/1155/references https://secure-support.novell.com/KanisaPlatform/Publishing/719/3024921_f.SAL_Public.html
Share on: