Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Is there a WIndows patch for the JBOSS exploits

Posted on 2016-07-26
4
68 Views
Last Modified: 2016-08-22
Has anyone found if there is a patch for a JBOSS exploit for Windows.  I know they are available for RedHat but I couldn't find anything other that a reference to JBOSS in that patches that MS put out on April 2016.
0
Comment
Question by:Member_2_7969384
  • 2
4 Comments
 
LVL 20

Assisted Solution

by:Russ Suter
Russ Suter earned 250 total points (awarded by participants)
ID: 41729594
JBOSS is a RedHat product. RedHat would be responsible for releasing patches. Microsoft would have nothing to do with it.
0
 

Author Comment

by:Member_2_7969384
ID: 41729618
Thanks, that is what I thought but since there were references out there to windows I thought it best to ask the question.  Thank you for the quick feed back.
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points (awarded by participants)
ID: 41729640
It is not to patch Windows as Russ Suter has shared. The concern is more of surfacing webshell backdoor in vulnerable machines. Generally, servers systems running web services and mostly those exposed to public internet accesss should be scanned if there is such indicator of compromise existence

jbossass.jsp      jbossass_jsp.class
shellinvoker.jsp      shellinvoker_jsp.class
mela.jsp      mela_jsp.class
zecmd.jsp      zecmd_jsp.class
cmd.jsp      cmd_jsp.class
wstats.jsp      wstats_jsp.class
idssvc.jsp      idssvc_jsp.class
iesvc.jsp      iesvc_jsp.class
http://blog.talosintel.com/2016/04/jboss-backdoor.html
See also US-CERT part advisory on webshell - https://www.us-cert.gov/ncas/alerts/TA15-314A

Just make sure your server system is readily patched to the latest security patch for business running

To share there is also another recent Jboss security advisory to address the Red Hat JBoss JGroups security bypass vulnerability.- https://tools.cisco.com/security/center/viewAlert.x?alertId=46834
0
 
LVL 63

Expert Comment

by:btan
ID: 41755355
It is explained on the exploit is not readily applicable but however, the threats lies in other type
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question