Multiple Vendor JSP Source Code Disclosure Vulnerability

Bugtraq ID: 1328
Class: Design Error
CVE:
Remote: Yes
Local: Yes
Published: Jun 08 2000 12:00AM
Updated: Jun 08 2000 12:00AM
Credit: Unify Exploit : Discovered by Niclas Vikstrom and posted to NTbugtraq on June 8, 2000. BEA Systems exploit : Discovered by Shreeraj Shah and published by Foundstone, Inc., June 12, 2000. IBM WebSphere Application Server exploit : Discovered by Shreeraj
Vulnerable: Unify eWave ServletExec 3.0
- HP HP-UX 11.0 4
- IBM AIX 4.3.2
- Linux kernel 2.3 .x
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Sun Solaris 8_sparc
IBM Websphere Application Server 3.0.2 .1
- IBM AIX 4.3
- Linux kernel 2.3 .x
- Microsoft Windows NT 4.0
- Sun Solaris 8_sparc
BEA Systems Weblogic Server 4.5.1
- Microsoft Windows NT 4.0
BEA Systems Weblogic 4.0.4
+ BEA Systems WebLogic Express 3.1.8
- Microsoft Windows NT 4.0
BEA Systems Weblogic 3.1.8
- Microsoft Windows NT 4.0
Not Vulnerable: Unify eWave ServletExec 3.0 c
- HP HP-UX 11.0 4
- IBM AIX 4.3.2
- Linux kernel 2.3 .x
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Sun Solaris 8_sparc


 

Privacy Statement
Copyright 2010, SecurityFocus