
caGrid Users,

Update:
Our IT department has instructed us to remove the "jmx-console.war" from the JBoss container to avoid the worm.

We have performed this action on the Portal and verified that it continues to be functional to the end user.

Original News Item:

A worm has been reported as infecting unpatched JBoss 4 application servers. The worm exploits an older configuration in JBoss, which only enabled authentication on GET and POST requests. The vulnerability makes it possible to use other methods to execute arbitrary code on the server without authentication. The problem was fixed last year, but there are apparently still a number of vulnerable installs out there.

The version of JBoss installed by the caGrid Installer suffers from this vulnerability.

If you do run JBoss, please make sure to read the instructions posted by RedHat here:

http://community.jboss.org/blogs/mjc/2011/10/20/statement-regarding-security-threat-to-jboss-application-server

Analysis of the worm:

http://www.infoq.com/news/2011/10/jboss-worm

Thanks,
Bill Stephens
caGrid KC Operations Manager
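
For administrators who want to check their own deployments for the "authentication only on GET and POST" configuration described above, the following is an added example, not part of the original notice and not Red Hat's or caGrid's code. It audits a `web.xml` deployment descriptor for security constraints that name specific HTTP methods; the sample descriptor and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptor: the auth constraint names only GET and POST.
SAMPLE_WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HtmlAdaptor</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>JBossAdmin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def _local(tag):
    """Drop any XML namespace so namespaced and DTD-based descriptors both match."""
    return tag.rsplit("}", 1)[-1]

def _find(elem, name):
    return [e for e in elem.iter() if _local(e.tag) == name]

def _constrained_collections(root):
    """Yield web-resource-collections that sit under an auth-constraint."""
    for constraint in _find(root, "security-constraint"):
        if _find(constraint, "auth-constraint"):
            yield from _find(constraint, "web-resource-collection")

def audit_web_xml(xml_text):
    """Report collections whose authentication covers only the listed methods."""
    findings = []
    for coll in _constrained_collections(ET.fromstring(xml_text)):
        methods = sorted({(m.text or "").strip().upper()
                          for m in _find(coll, "http-method")})
        if methods:  # any other HTTP method bypasses this constraint
            patterns = [(p.text or "").strip() for p in _find(coll, "url-pattern")]
            findings.append({"patterns": patterns, "protected_only": methods})
    return findings

def harden(xml_text):
    """Remove <http-method> entries so the constraint applies to every method."""
    root = ET.fromstring(xml_text)
    for coll in _constrained_collections(root):
        for child in list(coll):
            if _local(child.tag) == "http-method":
                coll.remove(child)
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    print("before:", audit_web_xml(SAMPLE_WEB_XML))
    print("after: ", audit_web_xml(harden(SAMPLE_WEB_XML)))
```

Under the servlet specification, a security constraint with no `<http-method>` element applies to all methods, which is why the audit treats any listed method as a finding.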
