Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0812

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0812
Last Modified 05 Sep 2008 04:21:56
Published 14 Nov 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0812

Summary

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.

Vulnerable Systems

Application

  • Sun Java System Web Server 1.1 Beta

  • Sun Java System Web Server 1.1.2

  • Sun Java System Web Server 1.1.3

  • Sun Java System Web Server 2.0


References

MISC - http://www.securityfocus.com/templates/advisory.html?id=2542

SUN - 00197

XF - sunjava-webadmin-bbs

BID - 1600


Last Updated: 27 May 2016 10:35:52