JBoss Security vulnerability JMX Management Console

Awesome! A lot of servers have their JBoss Management Console open to the world, without any authentication, no password, no security! A huge and silly vulnerability!

Any remote user can take complete control of the server: full access to most server configuration, plus disclosure of internal network and infrastructure information. You can change the web service listening port (I tested this on one of them, then put the original port back), view internal IPs and start connections to a client, see many absolute server paths, and change the security configuration… too much power with almost no knowledge needed.

These vulnerable JBoss servers leave jmx-console and web-console, the online administration tools of JBoss, open to anybody.

There are still a lot of these silly vulnerabilities on the Internet… it’s not a JBoss vulnerability, it’s a people vulnerability!

Oh, I almost forgot… you can find all the vulnerable servers using my online Google Parser tool, which I wrote a couple of weeks ago. With it you can get a clean list of all the vulnerable sites by searching for:

intitle:”jboss management console” “application server” version inurl:”web-console”

or

intitle:”JBoss Management Console – Server Information” “application server” inurl:”web-console” OR inurl:”jmx-console”

You can try different Google search strings and get a clean list of URLs from the Google search results with my Google Parser online tool.

It’s amazing how developers and network administrators still don’t pay real attention to security!

  1. Thanks for sharing it Marco!

    Wow… it’s amazing how there still are totally vulnerable servers just waiting for any script kiddie to do whatever he/she wants with them… or someone else with other purposes…

    But there are still a lot of people who don’t care about IT security and a lot more who don’t really understand what it is… it’s not just using SSL and running a couple of automatic vulnerability detection tools and patching the “holes”… it’s a LOT more…

    • Francis
    • February 5th, 2009

    Hi, JBoss is open to the world and nobody takes care of this!

      • Cami
      • July 19th, 2011

      You really found a way to make this whole process easier.

    • mayank
    • December 14th, 2011

    Please tell me how to solve this vulnerability?
