The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2013-4210 from the MITRE CVE dictionary dictionary and NIST NVD.
| Base Score | 5 |
|---|---|
| Base Metrics | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat JBoss Enterprise Application Platform 5.2 | RHSA-2013:1371 | 2013-09-30 |
| Red Hat JBoss Web Platform 5 for RHEL 6 Server (jboss-remoting) | RHSA-2013:1370 | 2013-09-30 |
| Red Hat JBoss Web Platform 5 for RHEL 4 AS (jboss-remoting) | RHSA-2013:1370 | 2013-09-30 |
| Red Hat JBoss Web Platform 5 for RHEL 5 Server (jboss-remoting) | RHSA-2013:1370 | 2013-09-30 |
| Red Hat JBoss Enterprise Application Platform 5 for RHEL 4 AS (jboss-remoting) | RHSA-2013:1369 | 2013-09-30 |
| Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 Server (jboss-remoting) | RHSA-2013:1369 | 2013-09-30 |
| Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 Server (jboss-remoting) | RHSA-2013:1369 | 2013-09-30 |
| Platform | Package | State |
|---|---|---|
| Red Hat JBoss Portal 5 | remoting | Will not fix |
| Red Hat JBoss Operations Network 3.1 | remoting | Will not fix |
| Red Hat JBoss Enterprise SOA Platform 5 | remoting | Will not fix |
| Red Hat JBoss EAP 6 | remoting | Not affected |
| Red Hat JBoss EAP 5 | remoting | Will not fix |
| Red Hat JBoss EAP 4 | remoting | Will not fix |
| Red Hat JBoss BRMS 5 | remoting | Will not fix |
Vulmon