[jboss-jira] [JBoss JIRA] Resolved: (JBREM-1261) Prevent DOS attack on BisocketServerInvoker$SecondaryServerSocketThread

Ron Sigal (JIRA) jira-events at lists.jboss.org
Fri Dec 24 13:33:18 EST 2010 

     [ https://issues.jboss.org/browse/JBREM-1261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ron Sigal resolved JBREM-1261.
------------------------------

    Resolution: Done


Tests are passing in hudson.

> Prevent DOS attack on BisocketServerInvoker$SecondaryServerSocketThread
> -----------------------------------------------------------------------
>
>                 Key: JBREM-1261
>                 URL: https://issues.jboss.org/browse/JBREM-1261
>             Project: JBoss Remoting
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>    Affects Versions: 2.5.3.SP1, 2.2.3.SP3
>            Reporter: Ron Sigal
>            Assignee: Ron Sigal
>             Fix For: 2.5.3.SP2, 2.2.3.SP4
>
>
> From the original bug report: 
> Exploiting and thus confirming this vulnerability is extremely simple: Simply
> connect to the bisocket control connection (ie. "telnet <jboss-host>
> <control-connection-port>") without sending any data on the connection. As long
> as this connection is open, no clients can connect to the bisocket control port
> because the connections are not accepted at server side.
> The cause of this vulnerability is found in method
> org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run(),
> which contains the accept-loop for the bisocket control connection. After
> having accepted a connection, the accept loop thread reads from the newly
> created connection expecting the client to send an action code and a listener
> id. If the client sends nothing, the accept loop thread will block in the read
> call, causing no other connections to be accepted.
> To fix, the accept loop thread should not do the read on the new connection.
> Instead it should start a new thread that does the read

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list