Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2406

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2406
Last Modified 07 Mar 2011 10:09:08
Published 04 Jun 2008 04:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2406

Summary

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

Vulnerable Systems

Application

  • Sun Java Asp Server 4.0

  • Sun Java Asp Server 4.0.2


References

XF - sun-jsasp-admin-auth-bypass(42833)

VUPEN - ADV-2008-1742

BID - 29539

SUNALERT - 238184

SECUNIA - 30523

IDEFENSE - 20080603 Sun Java System Active Server Pages Authorization Bypass Vulnerability

SECTRACK - 1020191


Last Updated: 27 May 2016 10:47:51