First page Back Continue Last page Overview Graphics
Why JBoss AS ?
Too few studies
- RedTeam at Hack.lu 2008 → Very interesting but only about JBoss 4
- RedTeam in 2010 → Paper about the DeploymentFileRepository vulnerability
- Trustwave at Black Hat Europe 2010 → PoC Autopwn
JBoss 5/6 more and more common
- Some interesting features have been removed (remote HTTP and BSH deployment, )
- Several vulnerabilities have been patched
JBoss 7 is now available !