{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-10-01T00:00:00.000Z","descriptions":[{"lang":"en","value":"twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2015-01-13T17:57:00.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"[oss-security] 20120723 Re: CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2012/07/23/2"},{"tags":["x_refsource_MISC"],"url":"http://objectopia.com/2009/10/01/securing-jmx-invoker-layer-in-jboss/"},{"tags":["x_refsource_CONFIRM"],"url":"https://issues.jboss.org/browse/JBPAPP-3391?_sscc=t"},{"name":"RHSA-2013:0192","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0192.html"},{"name":"RHSA-2013:0198","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0198.html"},{"name":"RHSA-2013:0195","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0195.html"},{"name":"RHSA-2013:0221","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0221.html"},{"name":"RHSA-2013:0196","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0196.html"},{"name":"RHSA-2013:0193","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0193.html"},{"name":"51984","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/51984"},{"name":"52054","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/52054"},{"name":"RHSA-2013:0191","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0191.html"},{"name":"RHSA-2013:0533","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0533.html"},{"name":"RHSA-2013:0197","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0197.html"},{"name":"RHSA-2013:0194","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0194.html"},{"name":"[oss-security] 20120720 CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2012/07/20/1"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T07:24:54.004Z"},"title":"CVE Program Container","references":[{"name":"[oss-security] 20120723 Re: CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2012/07/23/2"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://objectopia.com/2009/10/01/securing-jmx-invoker-layer-in-jboss/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://issues.jboss.org/browse/JBPAPP-3391?_sscc=t"},{"name":"RHSA-2013:0192","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0192.html"},{"name":"RHSA-2013:0198","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0198.html"},{"name":"RHSA-2013:0195","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0195.html"},{"name":"RHSA-2013:0221","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0221.html"},{"name":"RHSA-2013:0196","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0196.html"},{"name":"RHSA-2013:0193","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0193.html"},{"name":"51984","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/51984"},{"name":"52054","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/52054"},{"name":"RHSA-2013:0191","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0191.html"},{"name":"RHSA-2013:0533","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0533.html"},{"name":"RHSA-2013:0197","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0197.html"},{"name":"RHSA-2013:0194","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0194.html"},{"name":"[oss-security] 20120720 CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2012/07/20/1"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2009-5066","datePublished":"2012-08-13T20:00:00.000Z","dateReserved":"2011-04-05T00:00:00.000Z","dateUpdated":"2024-08-07T07:24:54.004Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}