Jenkins Multiple Vulnerabilities Fixed by 1.650 and 1.642.2 LTS


Description   Several vulnerabilities have been identified in Jenkins:

- CVE-2016-0788: remote code execution in the remoting module. A remote, unauthenticated attacker could exploit it by opening a JRMP listener on the server hosting the Jenkins master process in order to execute arbitrary code.

- CVE-2016-0789: HTTP response splitting in the CLI command documentation. A remote attacker could exploit it by enticing the victim into following a specially formed link in order to inject arbitrary HTTP headers.

- CVE-2016-0790: the comparison of API tokens is vulnerable to timing attacks. A remote attacker could exploit it by using statistical methods in order to determine valid API tokens.

- CVE-2016-0791: the comparison of CSRF crumbs is vulnerable to timing attacks. A remote attacker could exploit it by using statistical methods in order to determine valid CSRF crumbs.

- CVE-2016-0792: remote code execution through the remote API. A remote, low-privileged attacker could exploit it by POSTing XML files to certain API endpoints in order to have those files deserialized by Jenkins, leading to arbitrary code execution.

The jenkins and jenkins-lts packages provided by FreeBSD are vulnerable.

Updated, 30/07/2017: exploit code is available for the CVE-2016-0792 vulnerability.
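As an added illustration (not code from the advisory or from Jenkins), the Python below shows why the token and crumb comparisons behind CVE-2016-0790 and CVE-2016-0791 leak: an early-exit comparison stops at the first differing byte, so the work it does depends on how much of the secret the caller got right. Each function returns the number of bytes it inspected, which exposes the leak deterministically without noisy timing measurements; the token value is a constructed sample.

```python
import hmac
from typing import Tuple

# Constructed sample token; Jenkins API tokens and CSRF crumbs are hex strings
# of fixed length, which is why the comparison and not the length is the leak.
SAMPLE_TOKEN = "9f3c2a7b1e4d6c8a0b5f7e2d4c6a8b1c"


def naive_equals(expected: bytes, supplied: bytes) -> Tuple[bool, int]:
    """Early-exit comparison of the kind fixed in Jenkins 1.650 / 1.642.2.

    Returns (match, bytes_inspected). The second value grows with the length
    of the correct prefix, which is exactly what a timing attacker measures.
    """
    if len(expected) != len(supplied):
        return False, 0
    inspected = 0
    for a, b in zip(expected, supplied):
        inspected += 1
        if a != b:
            return False, inspected  # stops early: work reveals prefix match
    return True, inspected


def constant_time_equals(expected: bytes, supplied: bytes) -> Tuple[bool, int]:
    """Compares every byte and only decides at the end.

    The loop body never branches on the data, so bytes_inspected is always
    the full length regardless of where the first mismatch is.
    """
    if len(expected) != len(supplied):
        return False, 0  # length is public for fixed-size tokens
    diff = 0
    for a, b in zip(expected, supplied):
        diff |= a ^ b
    return diff == 0, len(expected)


def check_api_token(stored: str, presented: str) -> bool:
    """What a fixed server-side check should use: the standard library's
    constant-time helper rather than ==, which short-circuits like naive_equals."""
    return hmac.compare_digest(stored.encode(), presented.encode())
```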
     
Vulnerable Products   Vulnerable OS:
Fedora (Red Hat) - 22, 23
FreeBSD (FreeBSD) - All
Vulnerable Software:
Jenkins (Jenkins CI) -
     
Solution   Fixed jenkins and jenkins-remoting packages for Fedora 22 and 23 are available.
     
CVE   CVE-2016-0792
CVE-2016-0791
CVE-2016-0790
CVE-2016-0789
CVE-2016-0788
     
References   - Jenkins : Security Advisory 2016-02-24
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
- VuXML : jenkins -- multiple vulnerabilities
http://www.vuxml.org/freebsd/7e01df39-db7e-11e5-b937-00e0814cab4e.html
- FEDORA-2016-641c8b4eb2 : Fedora 23 Update: jenkins-1.625.3-3.fc23
https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179006.html
- FEDORA-2016-0f490eea10 : Fedora 22 Update: jenkins-1.609.3-6.fc22
https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179045.html
- FEDORA-2016-641c8b4eb2 : Fedora 23 Update: jenkins-remoting-2.53.3-1.fc23
https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179009.html
- FEDORA-2016-0f490eea10 : Fedora 22 Update: jenkins-remoting-2.53.3-1.fc22
https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179042.html
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm | Available Since
HTTP Request Smuggling : HTTP command found in header | 3.2.0
HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header | 3.2.0
HTTP Request Smuggling : suspicious syntax using HTTP keyword | 3.2.0
HTTP Request Smuggling : multiple Content-Length fields | 3.2.0
     
Risk level   High

Vulnerability First Public Report Date   2016-02-25

Target Type   Server

Possible exploit   Remote