Severity 5 vulnerabilities were found by Qualys.
I have no idea what that means. Unfortunately Qualys doesn’t seem to make their QID lookup public, so I can’t tell what the output indicates specifically and the description is vague enough that I wouldn’t even know where to begin to look.
When you say “the latest XNAT docker version”, what are you referring to specifically?
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Phone: +1 (314) 273-1645
From: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com> on behalf of devg <dev....@dw-systems.com>
Reply-To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Date: Thursday, August 6, 2020 at 5:58 PM
To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Subject: [XNAT Discussion] Security warning from Qualys
Sorry, I should have mentioned, I installed https://wiki.xnat.org/ml
I don’t know if this link will help: https://stackoverflow.com/questions/36484932/java-debug-wire-protocol-remote-code-execution-vulnerability-joss
Thanks
Dev
Ah, easily solved then! Have a look at docker-compose.yml and find this line:
CATALINA_OPTS: "-Xms${XNAT_MIN_HEAP} -Xmx${XNAT_MAX_HEAP} -Dxnat.home=/data/xnat/home -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:8000"
Remove the whole -agentlib parameter:
CATALINA_OPTS: "-Xms${XNAT_MIN_HEAP} -Xmx${XNAT_MAX_HEAP} -Dxnat.home=/data/xnat/home"
That’s for debugging purposes since it’s a BETA release but it’s not necessary if you’re not intending to connect to the remote JVM.
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Phone: +1 (314) 273-1645
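A way to check a compose file for the debug agent described above, as an added example that is not part of the original thread or the XNAT project's code. It goes slightly beyond the quoted line by also matching the legacy -Xrunjdwp spelling; the service name in the sample and the function names are assumptions.

```python
import re

# Matches both spellings of the agent flag: -agentlib:jdwp=... and legacy -Xrunjdwp:...
JDWP_RE = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)([^\s\"']+)")
LOOPBACK = {"127.0.0.1", "localhost", "::1", "[::1]"}

# Constructed sample: the CATALINA_OPTS line quoted in the thread, placed under a
# hypothetical service name.
SAMPLE = '''\
services:
  xnat-web:
    environment:
      CATALINA_OPTS: "-Xms${XNAT_MIN_HEAP} -Xmx${XNAT_MAX_HEAP} -Dxnat.home=/data/xnat/home -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:8000"
'''


def parse_jdwp(options):
    """Split the 'k=v,k=v' JDWP sub-options into a dict."""
    return dict(p.split("=", 1) for p in options.split(",") if "=" in p)


def bind_host(address):
    """Return the host part of a JDWP address, or '' when only a port is given."""
    host, sep, _port = address.rpartition(":")
    return host if sep else ""


def find_jdwp(text):
    """Return one finding per JDWP agent option found in text (e.g. a compose file)."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # ignore commented-out settings
        for m in JDWP_RE.finditer(line):
            opts = parse_jdwp(m.group(1))
            address = opts.get("address", "")
            listening = opts.get("server", "n") == "y"
            # A port-only address binds all interfaces on JDK 8 and loopback on
            # JDK 9+, so it is reported as exposed unless the host is loopback.
            exposed = listening and bind_host(address) not in LOOPBACK
            findings.append({"line": lineno, "address": address,
                             "listening": listening, "exposed": exposed})
    return findings


if __name__ == "__main__":
    for finding in find_jdwp(SAMPLE):
        print(finding)
```

An empty result after editing docker-compose.yml means the agent option is gone; the container has to be recreated for the change to take effect.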
Great! Thanks a lot.
Best,