Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2011-2908

Cross-Site Request Forgery (CSRF)

Published: Nov 23, 2012 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
4.6 MODERATE
AV:N/AC:H/Au:S/C:P/I:P/A:P
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2011-2908
CWEhttps://cwe.mitre.org/data/definitions/352.html

Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors.

Weakness

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Affected Software

Name Vendor Start Version End Version
Jboss_enterprise_brms_platform Redhat 5.3.0 (including) 5.3.0 (including)
Jboss_enterprise_portal_platform Redhat * 5.2.1 (including)
Jboss_enterprise_portal_platform Redhat 5.0.0 (including) 5.0.0 (including)
Jboss_enterprise_portal_platform Redhat 5.0.1 (including) 5.0.1 (including)
Jboss_enterprise_portal_platform Redhat 5.1.0 (including) 5.1.0 (including)
Jboss_enterprise_portal_platform Redhat 5.1.1 (including) 5.1.1 (including)
Jboss_enterprise_portal_platform Redhat 5.2.0 (including) 5.2.0 (including)
Jboss_enterprise_soa_platform Redhat 5.3.0 (including) 5.3.0 (including)
JBEWP 5 for RHEL 5 RedHat aopalliance-0:1.0-5.2.jdk6.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat apache-cxf-0:2.2.12-6.1.patch_04.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat bsh2-0:2.0-0.b4.15.1.patch01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat glassfish-jaxb-0:2.1.12-12_patch_03.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat google-guice-0:2.0-3.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat hibernate3-1:3.3.2-1.5.GA_CP05.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat hibernate3-annotations-0:3.4.0-3.3.GA_CP05.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat hibernate3-entitymanager-0:3.4.0-4.4.GA_CP05.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat hibernate3-search-0:3.1.1-2.4.GA_CP05.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jacorb-jboss-0:2.3.2-2.jboss_1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat javassist-0:3.12.0-6.SP1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-aop2-0:2.1.6-5.CP06.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossas-web-0:5.2.0-8.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossas-web-tp-licenses-0:5.2.0-7.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossas-ws-cxf-ewp-0:5.2.0-7.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-bootstrap-0:1.0.2-1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-cache-core-0:3.2.11-1.GA.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-cache-pojo-0:3.0.1-1.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-cl-0:2.0.11-1.GA.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-cluster-ha-server-api-0:1.2.1-2.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-common-beans-0:1.0.1-2.1.Final.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-common-core-0:2.2.21-1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-eap5-native-0:5.2.0-6.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-cache-0:1.0.0-4.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-core-0:1.3.9-0.4.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-ext-api-0:1.0.0-4.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-ext-api-impl-0:1.0.0-3.7.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-interceptors-0:1.0.9-0.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-metadata-0:1.0.0-3.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-metrics-deployer-0:1.1.1-0.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-security-0:1.0.2-0.5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-timeout-0:0.1.1-0.5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-ejb3-transactions-0:1.0.2-1.4.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-javaee-0:5.0.2-2.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-jaxrpc-api_1.1_spec-0:1.0.0-16.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-jpa-deployers-0:1.0.0-6.1SP2.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-logmanager-0:1.1.2-6.GA_patch_01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-naming-0:5.0.3-5.1.CP02.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-reflect-0:2.0.4-2.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-remoting-0:2.5.4-10.SP4.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-seam2-0:2.2.6.EAP5-10.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-security-negotiation-0:2.1.3-1.GA.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-security-spi-1:2.0.5-4.SP3_1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbosssx2-0:2.0.5-8.SP3_1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossts-1:4.6.1-12.CP13.8.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jboss-vfs2-0:2.2.1-4.GA.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossweb-0:2.1.13-2_patch_01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossws-0:3.1.2-13.SP15_patch_01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossws-common-0:1.1.0-9.SP10.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossws-framework-0:3.1.2-9.SP13.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jbossws-spi-0:1.1.2-6.SP8.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jgroups-1:2.6.22-1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jopr-embedded-0:1.3.4-19.SP6.9.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jopr-hibernate-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jopr-jboss-as-5-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat jopr-jboss-cache-v3-plugin-0:3.0.0-15.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat mod_cluster-0:1.0.10-12.2.GA_CP04.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat mod_cluster-native-0:1.0.10-10.GA_CP04_patch01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat picketlink-federation-0:2.1.5-3.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat picketlink-quickstarts-0:2.1.5-1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat resteasy-0:1.2.1-18.CP02_patch02.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat rh-ewp-docs-0:5.2.0-6.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat rhq-0:3.0.0-21.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat rhq-jmx-plugin-0:3.0.0-21.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat rhq-platform-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat spring2-0:2.5.6-9.SEC03.1.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat wss4j-0:1.5.12-4.1_patch_02.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat xerces-j2-0:2.9.1-10.patch02.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat xml-commons-0:1.3.04-8.2_patch_01.ep5.el5 *
JBEWP 5 for RHEL 5 RedHat xml-security-0:1.5.1-2.ep5.el5 *
JBEWP 5 for RHEL 6 RedHat aopalliance-0:1.0-5.3.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat apache-cxf-0:2.2.12-6.1.patch_04.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat bsh2-0:2.0-0.b4.15.patch01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat glassfish-jaxb-0:2.1.12-12_patch_03.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat google-guice-0:2.0-3.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat hibernate3-1:3.3.2-1.9.GA_CP05.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat hibernate3-annotations-0:3.4.0-3.6.GA_CP05.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat hibernate3-entitymanager-0:3.4.0-4.5.GA_CP05.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat hibernate3-search-0:3.1.1-2.5.GA_CP05.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat hsqldb-2:1.8.0.10-11_patch_01.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jacorb-jboss-0:2.3.2-2.jboss_1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat javassist-0:3.12.0-6.SP1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-aop2-0:2.1.6-5.CP06.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossas-web-0:5.2.0-16.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossas-web-tp-licenses-0:5.2.0-8.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossas-ws-cxf-ewp-0:5.2.0-11.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-bootstrap-0:1.0.2-1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-cache-core-0:3.2.11-1.GA.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-cache-pojo-0:3.0.1-1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-cl-0:2.0.11-4.GA.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-cluster-ha-server-api-0:1.2.1-2.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-common-beans-0:1.0.1-2.Final.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-common-core-0:2.2.21-1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-eap5-native-0:5.2.0-6.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-cache-0:1.0.0-4.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-core-0:1.3.9-0.4.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-ext-api-0:1.0.0-4.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-ext-api-impl-0:1.0.0-3.7.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-interceptors-0:1.0.9-0.2.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-metadata-0:1.0.0-3.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-metrics-deployer-0:1.1.1-0.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-security-0:1.0.2-0.5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-timeout-0:0.1.1-0.8.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-ejb3-transactions-0:1.0.2-1.6.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-javaee-0:5.0.2-2.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-jaxrpc-api_1.1_spec-0:1.0.0-16.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-jpa-deployers-0:1.0.0-6.SP2.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-logmanager-0:1.1.2-6.GA_patch_01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-naming-0:5.0.3-5.CP02.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-reflect-0:2.0.4-2.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-remoting-0:2.5.4-10.SP4.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-seam2-0:2.2.6.EAP5-14.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-security-negotiation-0:2.1.3-1.GA.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-security-spi-1:2.0.5-4.SP3_1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbosssx2-0:2.0.5-8.3.SP3_1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossts-1:4.6.1-12.CP13.7.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jboss-vfs2-0:2.2.1-4.GA.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossweb-0:2.1.13-2_patch_01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossws-0:3.1.2-13.SP15_patch_01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossws-common-0:1.1.0-9.SP10.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossws-framework-0:3.1.2-9.SP13.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jbossws-spi-0:1.1.2-6.SP8.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jgroups-1:2.6.22-1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jopr-embedded-0:1.3.4-19.SP6.9.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jopr-hibernate-plugin-0:3.0.0-14.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jopr-jboss-as-5-plugin-0:3.0.0-16.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat jopr-jboss-cache-v3-plugin-0:3.0.0-15.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat mod_cluster-0:1.0.10-12.2.GA_CP04.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat mod_cluster-native-0:1.0.10-10.GA_CP04_patch01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat picketlink-federation-0:2.1.5-3.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat picketlink-quickstarts-0:2.1.5-1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat resteasy-0:1.2.1-17.CP02_patch02.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat rh-ewp-docs-0:5.2.0-11.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat rhq-0:3.0.0-21.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat rhq-jmx-plugin-0:3.0.0-21.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat rhq-platform-plugin-0:3.0.0-14.EmbJopr5.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat spring2-0:2.5.6-9.SEC03.1.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat wss4j-0:1.5.12-4_patch_02.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat xerces-j2-0:2.9.1-10.patch02.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat xml-commons-0:1.3.04-8.2_patch_01.ep5.el6 *
JBEWP 5 for RHEL 6 RedHat xml-security-0:1.5.1-2.ep5.el6 *
JBoss Enterprise BRMS Platform 5.3 RedHat *
Red Hat JBoss Enterprise Application Platform 5.2 RedHat *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat aopalliance-0:1.0-5.2.jdk6.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat apache-cxf-0:2.2.12-6.1.patch_04.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat bsh2-0:2.0-0.b4.15.1.patch01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat glassfish-jaxb-0:2.1.12-12_patch_03.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat google-guice-0:2.0-3.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hibernate3-1:3.3.2-1.6.GA_CP05.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hibernate3-annotations-0:3.4.0-3.4.GA_CP05.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hibernate3-entitymanager-0:3.4.0-4.4.GA_CP05.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hibernate3-search-0:3.1.1-2.3.GA_CP05.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hornetq-0:2.2.24-1.EAP.GA.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat hornetq-native-0:2.2.20-1.EAP.GA.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jacorb-jboss-0:2.3.2-2.jboss_1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat javassist-0:3.12.0-6.SP1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-aop2-0:2.1.6-5.CP06.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossas-0:5.2.0-14.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossas-hornetq-0:5.2.0-6.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossas-tp-licenses-0:5.2.0-7.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossas-ws-cxf-0:5.2.0-8.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-bootstrap-0:1.0.2-1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-cache-core-0:3.2.11-1.GA.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-cache-pojo-0:3.0.1-1.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-cl-0:2.0.11-1.GA.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-cluster-ha-server-api-0:1.2.1-2.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-common-beans-0:1.0.1-2.1.Final.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-common-core-0:2.2.21-1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-eap5-native-0:5.2.0-6.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-cache-0:1.0.0-4.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-core-0:1.3.9-0.4.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-ext-api-0:1.0.0-4.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-ext-api-impl-0:1.0.0-3.7.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-interceptors-0:1.0.9-0.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-metadata-0:1.0.0-3.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-metrics-deployer-0:1.1.1-0.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-security-0:1.0.2-0.5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-timeout-0:0.1.1-0.5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-ejb3-transactions-0:1.0.2-1.4.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-javaee-0:5.0.2-2.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-jaxrpc-api_1.1_spec-0:1.0.0-16.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-jpa-deployers-0:1.0.0-6.SP2.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-logmanager-0:1.1.2-6.GA_patch_01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-messaging-0:1.4.8-12.SP9.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-naming-0:5.0.3-5.CP02.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-reflect-0:2.0.4-2.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-remoting-0:2.5.4-10.SP4.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-seam2-0:2.2.6.EAP5-9.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-security-negotiation-0:2.1.3-1.GA.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-security-spi-1:2.0.5-4.SP3_1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbosssx2-0:2.0.5-8.3.SP3_1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossts-1:4.6.1-12.CP13.8.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jboss-vfs2-0:2.2.1-2.GA.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossweb-0:2.1.13-2_patch_01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossws-0:3.1.2-13.SP15_patch_01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossws-common-0:1.1.0-9.SP10.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossws-framework-0:3.1.2-9.SP13.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jbossws-spi-0:1.1.2-6.SP8.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jgroups-1:2.6.22-1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jopr-embedded-0:1.3.4-19.SP6.9.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jopr-hibernate-plugin-0:3.0.0-14.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jopr-jboss-as-5-plugin-0:3.0.0-15.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat jopr-jboss-cache-v3-plugin-0:3.0.0-15.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat mod_cluster-0:1.0.10-12.2.GA_CP04.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat mod_cluster-native-0:1.0.10-10.GA_CP04_patch01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat netty-0:3.2.5-6.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat picketlink-federation-0:2.1.5-3.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat picketlink-quickstarts-0:2.1.5-1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat resteasy-0:1.2.1-18.CP02_patch02.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat rh-eap-docs-0:5.2.0-7.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat rhq-0:3.0.0-22.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat rhq-jmx-plugin-0:3.0.0-21.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat rhq-platform-plugin-0:3.0.0-15.EmbJopr5.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat spring2-0:2.5.6-9.SEC03.1.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat wss4j-0:1.5.12-4.2_patch_02.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat xerces-j2-0:2.9.1-10.patch02.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat xml-commons-1:1.3.04-8.2_patch_01.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 RedHat xml-security-0:1.5.1-2.ep5.el4 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat aopalliance-0:1.0-5.2.jdk6.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat apache-cxf-0:2.2.12-6.1.patch_04.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat bsh2-0:2.0-0.b4.15.1.patch01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat glassfish-jaxb-0:2.1.12-12_patch_03.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat google-guice-0:2.0-3.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hibernate3-1:3.3.2-1.5.GA_CP05.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hibernate3-annotations-0:3.4.0-3.3.GA_CP05.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hibernate3-entitymanager-0:3.4.0-4.4.GA_CP05.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hibernate3-search-0:3.1.1-2.4.GA_CP05.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hornetq-0:2.2.24-1.EAP.GA.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat hornetq-native-0:2.2.20-1.EAP.GA.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jacorb-jboss-0:2.3.2-2.jboss_1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat javassist-0:3.12.0-6.SP1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-aop2-0:2.1.6-5.CP06.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossas-0:5.2.0-14.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossas-hornetq-0:5.2.0-5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossas-tp-licenses-0:5.2.0-7.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossas-ws-cxf-0:5.2.0-7.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-bootstrap-0:1.0.2-1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-cache-core-0:3.2.11-1.GA.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-cache-pojo-0:3.0.1-1.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-cl-0:2.0.11-1.GA.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-cluster-ha-server-api-0:1.2.1-2.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-common-beans-0:1.0.1-2.1.Final.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-common-core-0:2.2.21-1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-eap5-native-0:5.2.0-6.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-cache-0:1.0.0-4.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-core-0:1.3.9-0.4.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-ext-api-0:1.0.0-4.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-ext-api-impl-0:1.0.0-3.7.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-interceptors-0:1.0.9-0.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-metadata-0:1.0.0-3.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-metrics-deployer-0:1.1.1-0.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-security-0:1.0.2-0.5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-timeout-0:0.1.1-0.5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-ejb3-transactions-0:1.0.2-1.4.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-javaee-0:5.0.2-2.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-jaxrpc-api_1.1_spec-0:1.0.0-16.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-jpa-deployers-0:1.0.0-6.1SP2.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-logmanager-0:1.1.2-6.GA_patch_01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-messaging-0:1.4.8-12.SP9.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-naming-0:5.0.3-5.1.CP02.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-reflect-0:2.0.4-2.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-remoting-0:2.5.4-10.SP4.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-seam2-0:2.2.6.EAP5-10.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-security-negotiation-0:2.1.3-1.GA.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-security-spi-1:2.0.5-4.SP3_1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbosssx2-0:2.0.5-8.SP3_1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossts-1:4.6.1-12.CP13.8.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jboss-vfs2-0:2.2.1-4.GA.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossweb-0:2.1.13-2_patch_01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossws-0:3.1.2-13.SP15_patch_01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossws-common-0:1.1.0-9.SP10.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossws-framework-0:3.1.2-9.SP13.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jbossws-spi-0:1.1.2-6.SP8.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jgroups-1:2.6.22-1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jopr-embedded-0:1.3.4-19.SP6.9.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jopr-hibernate-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jopr-jboss-as-5-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat jopr-jboss-cache-v3-plugin-0:3.0.0-15.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat mod_cluster-0:1.0.10-12.2.GA_CP04.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat mod_cluster-native-0:1.0.10-10.GA_CP04_patch01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat netty-0:3.2.5-6.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat picketlink-federation-0:2.1.5-3.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat picketlink-quickstarts-0:2.1.5-1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat resteasy-0:1.2.1-18.CP02_patch02.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat rh-eap-docs-0:5.2.0-6.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat rhq-0:3.0.0-21.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat rhq-jmx-plugin-0:3.0.0-21.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat rhq-platform-plugin-0:3.0.0-14.EmbJopr5.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat spring2-0:2.5.6-9.SEC03.1.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat wss4j-0:1.5.12-4.1_patch_02.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat xerces-j2-0:2.9.1-10.patch02.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat xml-commons-0:1.3.04-8.2_patch_01.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 RedHat xml-security-0:1.5.1-2.ep5.el5 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat aopalliance-0:1.0-5.3.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat apache-cxf-0:2.2.12-6.1.patch_04.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat bsh2-0:2.0-0.b4.15.patch01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat glassfish-jaxb-0:2.1.12-12_patch_03.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat google-guice-0:2.0-3.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hibernate3-1:3.3.2-1.9.GA_CP05.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hibernate3-annotations-0:3.4.0-3.6.GA_CP05.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hibernate3-entitymanager-0:3.4.0-4.5.GA_CP05.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hibernate3-search-0:3.1.1-2.5.GA_CP05.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hornetq-0:2.2.24-1.EAP.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hornetq-native-0:2.2.20-1.EAP.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat hsqldb-2:1.8.0.10-11_patch_01.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jacorb-jboss-0:2.3.2-2.jboss_1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat javassist-0:3.12.0-6.SP1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-aop2-0:2.1.6-5.CP06.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossas-0:5.2.0-16.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossas-hornetq-0:5.2.0-7.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossas-tp-licenses-0:5.2.0-8.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossas-ws-cxf-0:5.2.0-10.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-bootstrap-0:1.0.2-1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-cache-core-0:3.2.11-1.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-cache-pojo-0:3.0.1-1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-cl-0:2.0.11-4.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-cluster-ha-server-api-0:1.2.1-2.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-common-beans-0:1.0.1-2.Final.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-common-core-0:2.2.21-1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-eap5-native-0:5.2.0-6.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-cache-0:1.0.0-4.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-core-0:1.3.9-0.4.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-ext-api-0:1.0.0-4.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-ext-api-impl-0:1.0.0-3.7.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-interceptors-0:1.0.9-0.2.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-metadata-0:1.0.0-3.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-metrics-deployer-0:1.1.1-0.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-security-0:1.0.2-0.5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-timeout-0:0.1.1-0.8.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-ejb3-transactions-0:1.0.2-1.6.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-javaee-0:5.0.2-2.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-jaxrpc-api_1.1_spec-0:1.0.0-16.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-jpa-deployers-0:1.0.0-6.SP2.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-logmanager-0:1.1.2-6.GA_patch_01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-messaging-0:1.4.8-12.SP9.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-naming-0:5.0.3-5.CP02.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-reflect-0:2.0.4-2.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-remoting-0:2.5.4-10.SP4.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-seam2-0:2.2.6.EAP5-14.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-security-negotiation-0:2.1.3-1.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-security-spi-1:2.0.5-4.SP3_1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbosssx2-0:2.0.5-8.3.SP3_1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossts-1:4.6.1-12.CP13.7.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jboss-vfs2-0:2.2.1-4.GA.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossweb-0:2.1.13-2_patch_01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossws-0:3.1.2-13.SP15_patch_01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossws-common-0:1.1.0-9.SP10.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossws-framework-0:3.1.2-9.SP13.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jbossws-spi-0:1.1.2-6.SP8.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jgroups-1:2.6.22-1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jopr-embedded-0:1.3.4-19.SP6.9.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jopr-hibernate-plugin-0:3.0.0-14.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jopr-jboss-as-5-plugin-0:3.0.0-16.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat jopr-jboss-cache-v3-plugin-0:3.0.0-15.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat mod_cluster-0:1.0.10-12.2.GA_CP04.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat mod_cluster-native-0:1.0.10-10.GA_CP04_patch01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat netty-0:3.2.5-6.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat picketlink-federation-0:2.1.5-3.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat picketlink-quickstarts-0:2.1.5-1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat resteasy-0:1.2.1-17.CP02_patch02.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat rh-eap-docs-0:5.2.0-10.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat rhq-0:3.0.0-21.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat rhq-jmx-plugin-0:3.0.0-21.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat rhq-platform-plugin-0:3.0.0-14.EmbJopr5.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat spring2-0:2.5.6-9.SEC03.1.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat wss4j-0:1.5.12-4_patch_02.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat xerces-j2-0:2.9.1-10.patch02.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat xml-commons-0:1.3.04-8.2_patch_01.ep5.el6 *
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 RedHat xml-security-0:1.5.1-2.ep5.el6 *
Red Hat JBoss Portal 5.2 RedHat *
Red Hat JBoss SOA Platform 5.3 RedHat *
Red Hat JBoss Web Platform 5.2 RedHat *

Potential Mitigations

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, use anti-CSRF packages such as the OWASP CSRFGuard. [REF-330]
  • Another example is the ESAPI Session Management control, which includes a component for CSRF. [REF-45]
  • Use the “double-submitted cookie” method as described by Felten and Zeller:
  • When a user visits a site, the site should generate a pseudorandom value and set it as a cookie on the user’s machine. The site should require every form submission to include this value as a form value and also as a cookie value. When a POST request is sent to the site, the request should only be considered valid if the form value and the cookie value are the same.
  • Because of the same-origin policy, an attacker cannot read or modify the value stored in the cookie. To successfully submit a form on behalf of the user, the attacker would have to correctly guess the pseudorandom value. If the pseudorandom value is cryptographically strong, this will be prohibitively difficult.
  • This technique requires Javascript, so it may not work for browsers that have Javascript disabled. [REF-331]

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use