• info
• discussion
• exploit
• solution
• references

Sun Java Web Server Web Admin / Bullettin Board Vulnerability

See the discussion, and for a more detailed explanation see the Foundstone advisory (linked to in the Credit section)