Sun.Java.Web.Server.Admin.Servlet.Board.Access

description-logoDescription

It indicates a possible exploit of a remote command execution vulnerability in Sun Java web server, which allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.

affected-products-logoAffected Products

Sun Java Web Server 2.0
Sun Java Web Server 1.1.3

Impact logoImpact

Execute arbitrary commands

recomended-action-logoRecommended Actions

Sun have released patch for this vulnerability.
Sun Java Web Server 1.1.3
* Sun JWS 1.1.3 Patch 3
http://java.sun.com/products/java-server/jws113patch3.html />Sun Java Web Server 2.0
* Sun JWS 2.0 Patch 3
http://java.sun.com/products/java-server/jws20patch3.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)