OSVDB ID: 46019

Title: Sun Java Active Server Pages (ASP) Server Unspecified Applications Arbitrary Command Execution

Info

Disclosure

Jun 03, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jun 03, 2008

Description

Classification

Location: Remote / Network Access
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 4.0.3 or higher, as it has been reported to fix this vulnerability. It is also possible to temporarily work around the flaw by implementing the following workaround: Removing the affected ASP applications from the system can prevent exploitation of these vulnerabilities. Additionally, using firewalls to limit access to the administration server (TCP port 5100) and the ASP application server (TCP port 5102) can help mitigate these issues.

Products

Unknown or Incomplete

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/46019