10
CVSSv2

CVE-2016-3427

Published: 21/04/2016 Updated: 15/04/2019
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9 | Impact Score: 6 | Exploitability Score: 2.2
VMScore: 894
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to JMX.

Vulnerability Trend

Affected Products

Vendor Product Versions
OracleJdk1.6.0, 1.7.0, 1.8.0
OracleJre1.6.0, 1.7.0, 1.8.0
OracleJrockitR28.3.9

Vendor Advisories

It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws ...
Several security issues were fixed in OpenJDK 7 ...
Several security issues were fixed in OpenJDK 6 ...
vCenter Server 60 on Windows without workaround of KB 2145343 vCenter Server 60 on Linux (VCSA) prior to 600b vCenter Server 55 prior to 55 U3d (on Windows), 55 U3 (VCSA) vCenter Server 51 prior to 51 U3b vCenter Server 50 prior to 50 U3e   vCloud Director prior to 8011 vCloud Director prior to 5651 vCloud Director prior to 556 ...
Several security issues were fixed in OpenJDK 8 ...
Arch Linux Security Advisory ASA-201611-22 ========================================== Severity: High Date : 2016-11-23 CVE-ID : CVE-2016-6816 CVE-2016-8735 Package : tomcat6 Type : multiple issues Remote : Yes Link : wikiarchlinuxorg/indexphp/CVE Summary ======= The package tomcat6 before version 6048-1 is vulnerable to m ...
Debian Bug report logs - #845385 CVE-2016-9775: privilege escalation via removal Package: tomcat8; Maintainer for tomcat8 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for tomcat8 is src:tomcat8 (PTS, buildd, popcon) Reported by: Paul Szabo <paulszabo@sydneyeduau> Date: Tue, 22 ...
Debian Bug report logs - #845393 CVE-2016-9774: privilege escalation via upgrade Package: tomcat8; Maintainer for tomcat8 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for tomcat8 is src:tomcat8 (PTS, buildd, popcon) Reported by: Paul Szabo <paulszabo@sydneyeduau> Date: Tue, 22 ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure For the stable distribution (jessie), these problems have been fixed in version 7u101-266-1~deb8u1 We recommend that you upgrade your openjdk-7 packages ...
Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions (CVE-2016-0686 , CVE-2016-0687 ) It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can ...
It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions (CVE-2016-0686 ) It was discovered that the Hotspot component of OpenJDK did n ...
It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions (CVE-2016-0686 ) It was discovered that the Hotspot component of OpenJDK did n ...
Synopsis Moderate: java-171-ibm security update Type/Severity Security Advisory: Moderate Topic An update for java-171-ibm is now available for Red HatSatellite 57 and Red Hat Satellite 56Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sc ...
Synopsis Important: Red Hat JBoss Web Server security and enhancement update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Web ServerRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...
Oracle Solaris Third Party Bulletin - January 2017 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Up ...
Oracle Critical Patch Update Advisory - April 2016 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory ...
Oracle Linux Bulletin - April 2016 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are release ...

Github Repositories

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

No description, website, or topics provided.

… Usage: --gadget dns --dns testyourdomaincom * Fixed bug when running with python3

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

No description, website, or topics provided.

… Usage: --gadget dns --dns testyourdomaincom * Fixed bug when running with python3

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc Requirements Python >= 27x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the

Jok3r v3 beta Network & Web Pentest Automation Framework wwwjok3r-frameworkcomWARNING: Project is still in version 3 BETA It is still under active development and bugs might be present Many tests are going on: see githubcom/koutto/jok3r/blob/master/tests/TESTSrst Ideas, bug reports, contributions are welcome ! Overview Features Demos Architecture

[fix] add shodan lib

Java-Deserialization-Cheat-Sheet A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries Please, use #javadeser hash tag for tweets Table of content Java Native Serialization (binary) Overview Main talks & presentations & docs Payload generators Exploits Detect Vulnerable apps (without

References

NVD-CWE-noinfohttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0650.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0651.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0675.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0676.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0677.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0678.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0679.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0701.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0702.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0708.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0716.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0723.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1039.htmlhttp://www.debian.org/security/2016/dsa-3558http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlhttp://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlhttp://www.securityfocus.com/bid/86421http://www.securitytracker.com/id/1035596http://www.securitytracker.com/id/1037331http://www.ubuntu.com/usn/USN-2963-1http://www.ubuntu.com/usn/USN-2964-1http://www.ubuntu.com/usn/USN-2972-1https://access.redhat.com/errata/RHSA-2016:1430https://access.redhat.com/errata/RHSA-2017:1216https://kc.mcafee.com/corporate/index?page=content&id=SB10159https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3Ehttps://security.gentoo.org/glsa/201606-18https://security.netapp.com/advisory/ntap-20160420-0001/https://www.rapid7.com/db/vulnerabilities/aix-8-java_april2016_advisory_cve-2016-3427https://nvd.nist.govhttps://github.com/QChiLan/jexbosshttps://github.com/neoslabdev/jexbosshttp://tools.cisco.com/security/center/viewAlert.x?alertId=44733https://usn.ubuntu.com/2964-1/