Bugtraq mailing list archives
Re: def-2001-32 - Allaire JRun directory browsing vulnerability
From: "Felix Huber" <huberfelix () webtopia de>
Date: Thu, 29 Nov 2001 12:42:56 +0100
------------------------=[Affected Systems]=--------------------------
Under Windows NT/2000 (any service pack) and IIS 4.0/5.0:
- JRun 3.0 (all editions)
- JRun 3.1 (all editions)

----------------------=[Detailed Description]=------------------------
Upon sending a specially formed request to the web server, containing
a '.jsp' extension makes the JRun handle the request. Example:

http://www.victim.com/%3f.jsp

Not only IIS is affected; I found vulnerable sites running Apache 1.3.19/Solaris and Apache 1.3.12/Linux. A NASL script is attached to find affected systems.

Regards,
Felix Huber

-------------------------------------------------------
Felix Huber, Security Consultant, Webtopia
Guendlinger Str.2, 79241 Ihringen - Germany
huberfelix () webtopia de     (07668) 951 156 (phone)
http://www.webtopia.de        (07668) 951 157 (fax)
                              (01792) 205 724 (mobile)
-------------------------------------------------------

Attachment:
jrun_getdir.nasl
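
A log check for the request shape described in the message above, as an added example that is not part of the original post or the attached NASL script: it scans Common Log Format access-log lines for a final path segment of `%3f.jsp` and marks the ones the server answered with a 2xx status. The log lines, addresses and the function name `scan` are constructed for illustration, and matching the segment in any directory is an assumption beyond the single URL in the post.

```python
import re

# Common Log Format: host ident user [time] "METHOD URI PROTO" status size
CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines (documentation-range addresses), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [29/Nov/2001:12:40:01 +0100] "GET /index.jsp HTTP/1.0" 200 5120',
    '198.51.100.7 - - [29/Nov/2001:12:41:13 +0100] "GET /%3f.jsp HTTP/1.0" 200 2310',
    '198.51.100.7 - - [29/Nov/2001:12:41:15 +0100] "GET /admin/%3F.jsp HTTP/1.0" 404 312',
    '192.0.2.10 - - [29/Nov/2001:12:42:00 +0100] "GET /search.jsp?q=%3f.jsp HTTP/1.0" 200 880',
    'unparseable line that a real log rotation might leave behind',
]


def scan(lines):
    """Return (line_no, client, raw_uri, status, served) for each suspect request.

    A request is suspect when the last segment of the raw, still-encoded path
    is "%3f.jsp" (any case). Text after a literal "?" is the query string and
    is ignored, so a search for that string is not flagged.
    """
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in Common Log Format
        path = m["uri"].split("?", 1)[0]
        last_segment = path.rsplit("/", 1)[-1]
        if last_segment.lower() == "%3f.jsp":
            status = int(m["status"])
            served = 200 <= status < 300  # server answered: review this host first
            hits.append((line_no, m["ip"], m["uri"], status, served))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The match is done on the raw URI because a decoded path would turn `%3f` into `?` and hide the difference between this request and an ordinary query string.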