Forum Thread: McAfee Web Reporter Premium EJBInvokerServlet / JMXInvokerServlet...

See the original Secunia advisory:
McAfee Web Reporter Premium EJBInvokerServlet / JMXInvokerServlet Marshalled Object Arbitrary Code Execution Vulnerability

Secunia McAfee Web Reporter Premium EJBInvokerServlet / JMXInvokerServlet Marshalled Object Arbitrary Code Execution Vulnerability
Secunia Official 16th Oct, 2013 16:45
Andrea Micalizzi has discovered a vulnerability in McAfee Web Reporter Premium, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to the application not properly restricting access to the invoker/EJBInvokerServlet and invoker/JMXInvokerServlet servlets within Apache Tomcat, which can be exploited to deploy and execute arbitrary Java code by sending a specially crafted marshalled object to TCP port 9111.

The vulnerability is confirmed in version 5.2.1, Build 1420 running on Windows. Other versions may also be affected.
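
The check below is an added example, not part of the original thread or of any Secunia or McAfee tooling: it scans web-server access logs for requests to the two servlet paths named in the advisory, normalising encoded or padded paths before matching. It assumes access logging in Common Log Format is available for the listener on port 9111; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Servlet paths named in the advisory, lower-cased for matching.
INVOKER_PATHS = ("/invoker/ejbinvokerservlet", "/invoker/jmxinvokerservlet")

# Assumed log layout: Common Log Format (host ident user [time] "request" status size).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})\b'
)

def normalise(target):
    """Canonicalise a request target so encoded or padded paths still match."""
    path = target.split("?", 1)[0]
    for _ in range(3):                      # undo up to three layers of %-encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    segments = []
    for seg in path.split("/"):
        seg = seg.split(";", 1)[0]          # drop ;name=value path parameters
        if seg == "..":
            segments[-1:] = []              # step up one level (no-op at the root)
        elif seg not in ("", "."):          # collapse // and /./
            segments.append(seg)
    # Lower-casing over-matches on purpose: a false positive is cheaper than a miss.
    return "/" + "/".join(segments).lower()

def find_invoker_hits(lines):
    """Return (source, method, servlet path, status) for each invoker servlet request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = normalise(m["target"])
        for servlet in INVOKER_PATHS:
            if path == servlet or path.startswith(servlet + "/"):
                hits.append((m["src"], m["method"], servlet, int(m["status"])))
    return hits

# Constructed sample lines (documentation addresses), not taken from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Oct/2013:16:45:01 +0200] "GET /index.jsp HTTP/1.1" 200 5120',
    '198.51.100.7 - - [16/Oct/2013:16:45:09 +0200] "POST /invoker/EJBInvokerServlet HTTP/1.1" 200 1432',
    '198.51.100.7 - - [16/Oct/2013:16:45:12 +0200] "HEAD /invoker/%4AMXInvokerServlet;x=1/ HTTP/1.1" 404 0',
    '203.0.113.5 - - [16/Oct/2013:16:46:00 +0200] "GET /docs/../invoker//ejbinvokerservlet?a=b HTTP/1.1" 403 0',
]
```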

infoposter RE: McAfee Web Reporter Premium EJBInvokerServlet / JMXInvokerServlet Marshalled Object Arbitrary Code Execution Vulnerability
Member 16th Oct, 2013 16:45
Last edited on 16th Oct, 2013 16:55
The issue no longer exists in 5.2.1.01, which was released back in June of this year. Also, the title of the vulnerability is not accurate. This vulnerability does not affect JMXInvokerServlet in the version of the product that is listed. For this reason it seems this vulnerability may have been discovered with a canned scanning tool with the title of this post most likely copied from the result of the scanner. These two attack vectors are commonly grouped together by such tools.
This user no longer exists RE: McAfee Web Reporter Premium EJBInvokerServlet / JMXInvokerServlet Marshalled Object Arbitrary Code Execution Vulnerability
Secunia Official 17th Oct, 2013 10:58
Thank you for your comment. I have made sure that our researchers are informed.