漏洞信息详情
Sun ONE Application Server源泄露漏洞
- CNNVD编号:CNNVD-200306-115
- 危害等级: 低危
- CVE编号: CVE-2003-0411
- 漏洞类型: 输入验证
- 发布时间: 2003-06-30
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: sun
- 漏洞来源:
漏洞简介
Windows 2000/XP平台下的Sun ONE Application Server 7.0存在漏洞。远程攻击者可以借助一个用大写“.jsP”扩展名代替小写.jsp的请求获得jsP源代码。
漏洞公告
A new version has been released to address this issue. Sun ONE Application Server 7.0 Platform Edition
- Sun ONE Application Server 7.0 Update release 2 http://wwws.sun.com/software/download/app_servers.HTML
- Sun ONE Application Server 7.0 Update release 2 http://wwws.sun.com/software/download/app_servers.HTML
- Sun ONE Application Server 7.0 Update release 2 http://wwws.sun.com/software/download/app_servers.HTML
- Sun ONE Application Server 7.0 Update release 2 http://wwws.sun.com/software/download/app_servers.HTML
参考网址
来源: BID 名称: 7709 链接:http://www.securityfocus.com/bid/7709 来源: XF 名称: sunone-jsp-source-disclosure(12093) 链接:http://www.iss.net/security_center/static/12093.php 来源: CIAC 名称: N-103 链接:http://www.ciac.org/ciac/bulletins/n-103.sHTML 来源: SUNALERT 名称: 55221 链接:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity 来源: www.spidynamics.com 链接:http://www.spidynamics.com/sunone_alert.HTML 来源: SUNALERT 名称: 1000610 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1 来源: BUGTRAQ 名称: 20030526 Multiple Vulnerabilities in Sun-One Application Server 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105409846029475&w=2
受影响实体
- Sun One_application_server:7.0:Standard
- Sun One_application_server:7.0:Platform
补丁
暂无
评论