CVE-2013-4112 Information

Description

The DiagnosticsHandler in JGroup 3.0.x 3.1.x 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

Reference

http://rhn.redhat.com/errata/RHSA-2013-1207.html http://rhn.redhat.com/errata/RHSA-2013-1208.html http://rhn.redhat.com/errata/RHSA-2013-1209.html http://rhn.redhat.com/errata/RHSA-2013-1437.html http://rhn.redhat.com/errata/RHSA-2013-1771.html http://rhn.redhat.com/errata/RHSA-2014-0029.html https://bugzilla.redhat.com/show_bug.cgi?id=983489