Versions Compared

Old Version 15

changes.mady.by.user Richard McGuire

Saved on

compared with

New Version 16

changes.mady.by.user Richard McGuire

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Apache Geronimo 2.1.x vulnerabilities

This page lists all security vulnerabilities fixed in maintenance releases or interim builds of Apache Geronimo 2.1. Each vulnerability is given a security impact rating by either the Apache Geronimo team or by the dependent project supplying the fix - please note that this rating is not uniform and will vary from project to project. We also list the versions of Apache Geronimo the flaw is known to affect, and where a flaw has not been verified list the version with a question mark.

Please send comments or corrections for these vulnerabilities to the Geronimo Security mailing list.


Other Known Vulnerabilities

None at this time.


Fixed in Geronimo 2.1.5
Anchor
215
215

Please visit the 2.1.5 Release Notes page for details on all of the included JIRAs.

Fixed in Geronimo 2.1.4
Anchor
214
214

Please visit the 2.1.4 Release Notes page for details on all of the included JIRAs.

Geronimo Server

Included patch to close potential denial of service attack vector (OOM) in Tomcat session handling

JIRA: GERONIMO-3838
Affects: 2.1-2.1.3

Geronimo Admin Console:

CVE-2008-5518: Apache Geronimo web administration console directory traversal vulnerabilities.

A vulnerability was found in several portlets including Services/Repository, Embedded DB/DB Manager, and Security/Keystores when running the Apache Geronimo server on Windows. This issue may allow a remote attacker to upload any file in any directory. This affects all full JavaEE Geronimo assemblies or other distributions which include the administration web console up to and including Apache Geronimo 2.1.3. An alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4) would be to stop or undeploy the administration web console application in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com) for responsibly reporting this issue and assisting us with validating our fixes.

JIRA: GERONIMO-4597
Affects: 2.1-2.1.3

CVE-2009-0038: Apache Geronimo web administration console XSS vulnerabilities

Various linked and stored cross-site scripting (XSS) vulnerabilities were found in the Apache Geronimo administrative console and related utilities. Using this vulnerability an attacker can steal an administrator's cookie and then authenticate as administrator or perform certain administrative actions. For example, a user can inject XSS in some URLs or in several input fields in various portlets. This affects all full JavaEE Geronimo assemblies or other distributions which include the administration web console up to and including Apache Geronimo 2.1.3. An alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4) would be to stop or undeploy the administration web console application in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com) and Marc Schoenefeld (Red Hat Security Response Team) for responsibly reporting this issue and assisting us with validating our fixes.

JIRA: GERONIMO-4597
Affects: 2.1-2.1.3

CVE-2009-0039: Apache Geronimo web administration console XSRF vulnerabilities

Various cross-site request forgery (XSRF or CSRF) vulnerabilities were identified in the Apache Geronimo web administration console. Exploiting these issues may allow a remote attacker to perform certain administrative actions, e.g. change web administration password, upload applications, etc... using predictable URL requests once the user has authenticated and obtained a valid session with the server. This affects all full JavaEE Geronimo assemblies or other distributions which include the administration web console up to and including Apache Geronimo 2.1.3. An alternative workaround (if you choose to not upgrade to Apache Geronimo 2.1.4) would be to stop or undeploy the administration web console application in the server.
Credit: The Apache Geronimo project would like to thank Digital Security Research Group (dsecrg.com) for responsibly reporting this issue and assisting us with validating our fixes.

JIRA: GERONIMO-4597
Affects: 2.1-2.1.3


Fixed in Geronimo 2.1.3
Anchor
213
213

Please visit the 2.1.3 Release Notes page for details on all of the included JIRAs.

DWR

Upgraded from DWR 2.0.3 to 2.0.5 to include the following security fixes -

  • DWR version 2.0.5 fixed 1 XSS vulnerabilities in r2077
    No Format
    r2077 | joe | 2008-06-22 09:28:22 -0400 (Sun, 22 Jun 2008) | 7 lines

Fix for XSS issue in ExceptionHandler:

PartialResponse.fromOrdinal() throws a NumberFormatException trying to
parse the 'partialResponse' parameter.  This exception is never caught,
prompting UrlProcessor to invoke DWR's default ExceptionHandler class,
which calls out.println(cause.getMessage()), thereby causing the XSS.

JIRA: GERONIMO-4266
Affects: 2.1-2.1.2

ActiveMQ

Included ActiveMQ patch for the following security exposure -

  • AMQ-1272 - Stomp protocol does not correctly check authentication (security hole)

JIRA: GERONIMO-4262
Affects: 2.1-2.1.2

Tomcat

Upgraded from Tomcat 6.0.16 to 6.0.18 to include the following security fixes -

For more details on each fix, please visit the Tomcat 6.x Security page.

JIRA: GERONIMO-4245
Affects: 2.1-2.1.2


Fixed in Geronimo 2.1.2
Anchor
212
212

DWR

Upgraded from DWR 2.0.1 to 2.0.3 to include the following security fixes -

JIRA: GERONIMO-4116
Affects: 2.1-2.1.1

Tomcat

Upgraded from Tomcat 6.0.14 to 6.0.16 to include the following security fixes -

For more details on each fix, please visit the Tomcat 6.x Security page.

JIRA: GERONIMO-4085
Affects: 2.1-2.1.1


Fixed in Geronimo 2.1.1
Anchor
211
211

None