Signature Detail
Short Name |
HTTP:CISCO:SERVLETEXEC |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco Collaboration Server ServletEXEC File Upload |
Release Date |
2004/08/18 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Cisco Collaboration Server ServletEXEC File Upload
This signature detects attempts to exploit the known vulnerability in the ServletEXEC utility packaged with Cisco Collaboration Server versions earlier than 5.0. A successful attack can allow the attacker to upload files and gain access with administrative permissions.
Extended Description
Sun One Application Server is prone to an undisclosed file disclosure vulnerability. This vulnerability allows remote attackers to gain access to the contents of potentially sensitive files, possibly aiding them in further system compromise. Further details are not available at this time. This BID will be updated as more information is made available.
Affected Products
- Sun ONE Application Server 6.0.0
- Sun ONE Application Server 6.0.0 SP1
- Sun ONE Application Server 6.0.0 SP2
- Sun ONE Application Server 6.0.0 SP3
- Sun ONE Application Server 6.0.0 SP4
- Sun ONE Application Server 6.5.0
- Sun ONE Application Server 6.5.0 MU1
- Sun ONE Application Server 6.5.0 MU2
- Sun ONE Application Server 6.5.0 MU3
- Sun ONE Application Server 6.5.0 SP1
- Sun ONE Application Server 6.5.0 SP1 MU1
- Sun ONE Application Server 6.5.0 SP1 MU2
- Sun ONE Application Server 6.5.0 SP1 MU3
- Sun ONE Application Server 6.5.0 SP1 MU4
- Sun ONE Application Server 6.5.0 SP1 MU5
- Sun ONE Application Server 6.5.0 SP1 MU6
References