Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1114

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-1114
Last Modified 05 Sep 2008 04:22:41
Published 09 Jan 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1114

Summary

Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".

Vulnerable Systems

Application

  • Unify Ewave Servletexec 3.0

  • Unify Ewave Servletexec 3.0c


References

BID - 1970

BUGTRAQ - 20001121 Disclosure of JSP source code with ServletExec AS v3.0c + web ins tance


Last Updated: 27 May 2016 10:36:01