Showing 1 - 4 of 4

CVE-2016-0792

Status Candidate

Overview

Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.

Related Files

Jenkins XStream Groovy Classpath Deserialization: Posted Dec 19, 2017; Authored by Arshan Dabirsiaghi | Site metasploit.com; This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.; tags | exploit, remote, arbitrary, code execution; advisories | CVE-2016-0792; SHA-256 | 52a40982d2eed44b68632a3f6deca119172cfb8a682bb8fd52169cc4b2182bba; Download | Favorite | View

Jenkins Java Deserialization: Posted Jul 30, 2017; Authored by Janusz Piechowka; Jenkins versions prior to 1.650 suffer from a java deserialization vulnerability.; tags | exploit, java; advisories | CVE-2016-0792; SHA-256 | f932931a24baa84b8aaf780ee1292f4ad857cbdaed0ab3be3e22d84b53765295; Download | Favorite | View

Red Hat Security Advisory 2016-1773-01: Posted Aug 24, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1773-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The Jenkins continuous integration server has been updated to upstream version 1.651.2 LTS that addresses a large number of security issues, including open redirects, a potential denial of service, unsafe handling of user provided environment variables and several instances of sensitive information disclosure.; tags | advisory, denial of service, info disclosure; systems | linux, redhat; advisories | CVE-2014-3577, CVE-2015-7501, CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, CVE-2016-3721, CVE-2016-3722, CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727; SHA-256 | d21a44fcf349a12558e1bf494277c24c60b24dd0894fb71b09edaef3e3d7f9e4; Download | Favorite | View

Red Hat Security Advisory 2016-0711-01: Posted May 3, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-0711-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform- as-a-Service solution designed for on-premise or private cloud deployments. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix: The Jenkins continuous integration server has been updated to upstream version 1.642.2 LTS that addresses a large number of security issues, including XSS, CSRF, information disclosure, and code execution.; tags | advisory, code execution, info disclosure; systems | linux, redhat; advisories | CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792; SHA-256 | 8cb241f7f26e24db895bca20b367c5d2ec75547e9aa7d1d03f82eab44c897d01; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2016-0792

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems