[esb-issues] [JBoss JIRA] Updated: (JBESB-1561) Groovy security compromised

Tuesday, 26 February 2008

     [ http://jira.jboss.com/jira/browse/JBESB-1561?page=all ]

Martin Vecera updated JBESB-1561:
---------------------------------

    Description: 
GroovyActionProcess allows execution of malicious code. This code can be sent via esb
message. See attached example (modified QS).

Credit goes to Jirka Pechanec for this great idea!

  was:GroovyActionProcess allows execution of malicious code. This code can be sent via
esb message. See attached example (modified QS).

...
 Groovy security compromised
 ---------------------------

                 Key: JBESB-1561
                 URL: http://jira.jboss.com/jira/browse/JBESB-1561
             Project: JBoss ESB
          Issue Type: Bug
      Security Level: Public(Everyone can see) 
          Components: Rosetta, Adapters
    Affects Versions: 4.2.1 CP1
            Reporter: Martin Vecera

 GroovyActionProcess allows execution of malicious code. This code can be sent via esb
message. See attached example (modified QS).
 Credit goes to Jirka Pechanec for this great idea! 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

[esb-issues] [JBoss JIRA] Updated: (JBESB-1561) Groovy security compromised