silpol » from archive
Hackers actively exploiting JBoss vulnerability to compromise servers, researchers say - Network World - http://www.networkworld.com/news/2013/111913-hackers-actively...
"At the beginning of October security researcher Andrea Micalizzi released an exploit for a vulnerability he identified in products from multiple vendors including Hewlett-Packard, McAfee, Symantec and IBM that use 4.x and 5.x versions of JBoss. That vulnerability, tracked as CVE-2013-4810, allows unauthenticated attackers to install an arbitrary application on JBoss deployments that expose the EJBInvokerServlet or JMXInvokerServlet." ‎- silpol