| VID |
14096 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
run.sh which is the service daemon execution file of JBOSS Application Server is not safe for secuirty reasons.
run.sh is a script file to start JBOSS Application Server. If there is permission to write to the file, Serious problems can occur for secuirty reason. Therefore, Restriction is necessary for non-administrative users to write.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Remove other user's write permissions from the file as the following
chmod o-w (if the group has write permission: g-w) ./run.sh
ex) chmod o-w JBOSS_HOME/run.sh
ex) chmod g-w JBOSS_HOME/run.sh |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
