漏洞信息详情
Macromedia Jrun管理认证绕过漏洞
- CNNVD编号:CNNVD-200207-063
- 危害等级: 超危
- CVE编号: CVE-2002-0665
- 漏洞类型: 输入验证
- 发布时间: 2002-07-11
- 威胁类型: 远程
- 更新时间: 2005-05-02
- 厂 商: macromedia
- 漏洞来源: .');">Discovery of this ...
漏洞简介
Macromedia JRun Administration Server存在漏洞。远程攻击者可以借助URL中额外的斜杠(/)绕过登录表中的认证。
漏洞公告
Fixes are available: Macromedia JRun 3.0
- Macromedia jrun-30-unix-upgrade-us_49297.shPatch for Macromedia JRun 3.0/UNIX and Linux systems. http://download.macromedia.com/pub/security/jrun/30/unix/jrun-30-unix- upgrade-us_49297.sh
- Macromedia jrun-30-win-upgrade-en_49297.exePatch for Macromedia JRun 3.0/Windows systems. http://download.macromedia.com/pub/security/jrun/30/intel-win/jrun-30- win-upgrade-en_49297.exe
- Macromedia jrun-31-unix-upgrade-us_49297.shPatch for Macromedia JRun 3.1/UNIX and Linux systems. http://download.macromedia.com/pub/security/jrun/31/unix/jrun-31-unix- upgrade-us_49297.sh
- Macromedia jrun-31-win-upgrade-en_49297.exePatch for Macromedia JRun 3.1/Windows systems. http://download.macromedia.com/pub/security/jrun/31/intel-win/jrun-31- win-upgrade-en_49297.exe
- Macromedia MPSB02-06_jrun4-patch.zipPatch for Macromedia JRun 4.0/UNIX and Linux systems. http://download.macromedia.com/pub/security/jrun/40/MPSB02-06_jrun4-pa tch.zip
- Macromedia MPSB02-06_jrun4-patch.zipPatch for Macromedia JRun 4.0/Windows systems. http://download.macromedia.com/pub/security/jrun/40/MPSB02-06_jrun4-pa tch.zip
参考网址
来源: www.macromedia.com 链接:http://www.macromedia.com/v1/handlers/index.cfm?ID=23164 来源: BID 名称: 5118 链接:http://www.securityfocus.com/bid/5118 来源: XF 名称: jrun-forwardslash-auth-bypass(9450) 链接:http://www.iss.net/security_center/static/9450.php 来源: BUGTRAQ 名称: 20020628 wp-02-0009: Macromedia JRun Admin Server Authentication Bypass 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=102529402127195&w=2 来源: VULNWATCH 名称: 20020628 [VulnWatch] wp-02-0009: Macromedia JRun Admin Server Authentication Bypass 链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.HTML
受影响实体
- Macromedia Jrun:3.0
- Macromedia Jrun:3.1
- Macromedia Jrun:4.0
补丁
暂无
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论