RSS   Vulnerabilities for 'Java asp server'   RSS

2008-06-04
 
CVE-2008-2406

CWE-287
 

 
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

 
 
CVE-2008-2404

CWE-119
 

 
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.

 
 
CVE-2008-2403

CWE-22
 

 
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.

 
 
CVE-2008-2402

CWE-264
 

 
The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents.

 

 >>> Vendor: SUN 199 Products
Solaris
Sunos
NFS
JAVA
Cobalt raq
Rpc.ruserd
Cobalt raq 2
Cobalt raq 3i
Sparc
Web-based enterprise management
Solstice adminsuite
Forte
Netbeans developer
Openwindows
Solstice backup
Solaris isp server
Staroffice
Workshop
Java system web server
Solaris answerbook2
Hotjava browser
Iplanet certificate management system
JDK
Cluster
Chilisoft
Sun ftp
Javaserver web dev kit
Iplanet web server
Sunvts
Netdynamics
Java plug-in
JRE
Iplanet directory server
Management+center
SDK
Cobalt raq 4
One application server
Sun pci ii driver
I-runbook
One web server
Linux
Cobalt raq xtr
Sunone starter kit
Java web start
Ray server software
Solaris pc netlink
Patchpro
Enterprise authentication mechanism
One directory server
Sun fire
JMF
J2EE
Change manager
Crypto accelerator 4000
SEAM
Java system calendar server
Dtmail
Java desktop system
Java enterprise system
Java system application server
Enterprise storage manager
Storedge 3310 scsi array
Storedge 3510 fc array
Java system web proxy server
Patch manager
JSSE
Netra 1280
Sunforum
Storedge qfs
Storedge sam-qfs
Storeedge performance suite
Storeedge utilization suite
Iplanet messaging server
One messaging server
RTE
Storedge enterprise backup software
J2SE
Javamail
Storedge 6130 arrays
Java system directory proxy server
Java system directory server
One administration server
Java system communications express
Java communications services delegated administrator
Wbem services
Grid engine
Java system access manager
N1 grid engine
Java studio enterprise
N1 system manager
Storage automated diagnostic environment
Java system content delivery server
Secure global desktop
NSS
Java system messaging server
Iplanet messaging server messenger express
Java system messenger express
Chainkey java code protection
Java dynamic management kit
Java web console
See all Products for Vendor SUN


Copyright 2019, cxsecurity.com

 

Back to Top