Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Jetty Servlet Engine Arbitrary Command Execution Vulnerability

Bugtraq ID: 5852
Class: Input Validation Error
CVE: CVE-2002-1178
CVE-2002-1178
Remote: Yes
Local: No
Published: Oct 02 2002 12:00AM
Updated: Jul 11 2009 05:06PM
Credit: Discovery of this vulnerability credited to Matt Moore <matt@westpoint.ltd.uk>.
Vulnerable: Jetty Jetty 4.1 .0RC4
Jetty Jetty 3.1.7
- Debian Linux 2.2 sparc
 - Debian Linux 2.2 powerpc
 - Debian Linux 2.2 IA-32
 - Debian Linux 2.2 arm
 - Debian Linux 2.2 alpha
 - Debian Linux 2.2 68k
 - MandrakeSoft Linux Mandrake 8.1
- MandrakeSoft Linux Mandrake 8.0
- MandrakeSoft Linux Mandrake 7.2
- Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services
- Microsoft Windows 95
- Microsoft Windows 98 SP1
 - Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6
 - Microsoft Windows NT Enterprise Server 4.0 SP5
 - Microsoft Windows NT Enterprise Server 4.0 SP4
 - Microsoft Windows NT Enterprise Server 4.0 SP3
 - Microsoft Windows NT Enterprise Server 4.0 SP2
 - Microsoft Windows NT Enterprise Server 4.0 SP1
 - Microsoft Windows NT Enterprise Server 4.0
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6
 - Microsoft Windows NT Server 4.0 SP5
 - Microsoft Windows NT Server 4.0 SP4
 - Microsoft Windows NT Server 4.0 SP3
 - Microsoft Windows NT Server 4.0 SP2
 - Microsoft Windows NT Server 4.0 SP1
 - Microsoft Windows NT Server 4.0
 - Microsoft Windows NT Terminal Server 4.0 SP6
 - Microsoft Windows NT Terminal Server 4.0 SP5
 - Microsoft Windows NT Terminal Server 4.0 SP4
 - Microsoft Windows NT Terminal Server 4.0 SP3
 - Microsoft Windows NT Terminal Server 4.0 SP2
 - Microsoft Windows NT Terminal Server 4.0 SP1
 - Microsoft Windows NT Terminal Server 4.0 alpha
 - Microsoft Windows NT Terminal Server 4.0
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6
 - Microsoft Windows NT Workstation 4.0 SP5
 - Microsoft Windows NT Workstation 4.0 SP4
 - Microsoft Windows NT Workstation 4.0 SP3
 - Microsoft Windows NT Workstation 4.0 SP2
 - Microsoft Windows NT Workstation 4.0 SP1
 - Microsoft Windows NT Workstation 4.0
 - Microsoft Windows XP Home
- Microsoft Windows XP Professional
- RedHat Linux 7.2 ia64
 - RedHat Linux 7.2 i386
 - RedHat Linux 7.2 alpha
 - RedHat Linux 7.1 i386
 - RedHat Linux 7.1 alpha
 - RedHat Linux 7.0 sparc
 - RedHat Linux 7.0 i386
 - RedHat Linux 7.0 alpha
 - RedHat Linux 6.2 sparc
 - RedHat Linux 6.2 i386
 - RedHat Linux 6.2 alpha
 - S.u.S.E. Linux 7.3 sparc
 - S.u.S.E. Linux 7.3 ppc
 - S.u.S.E. Linux 7.3 i386
 - S.u.S.E. Linux 7.2 i386
 - S.u.S.E. Linux 7.1 x86
 - S.u.S.E. Linux 7.1 sparc
 - S.u.S.E. Linux 7.1 ppc
 - S.u.S.E. Linux 7.1 alpha
 - S.u.S.E. Linux 7.0 sparc
 - S.u.S.E. Linux 7.0 ppc
 - S.u.S.E. Linux 7.0 i386
 - S.u.S.E. Linux 7.0 alpha
 - Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
 - Sun Solaris 8
 - Sun Solaris 7.0_x86
 - Sun Solaris 7.0
 - Sun Solaris 2.6_x86
 - Sun Solaris 2.6
 Jetty Jetty 3.1.6
- Debian Linux 2.2 sparc
 - Debian Linux 2.2 powerpc
 - Debian Linux 2.2 IA-32
 - Debian Linux 2.2 arm
 - Debian Linux 2.2 alpha
 - Debian Linux 2.2 68k
 - MandrakeSoft Linux Mandrake 8.1
- MandrakeSoft Linux Mandrake 8.0
- MandrakeSoft Linux Mandrake 7.2
- Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services
- Microsoft Windows 95
- Microsoft Windows 98 SP1
 - Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6
 - Microsoft Windows NT Enterprise Server 4.0 SP5
 - Microsoft Windows NT Enterprise Server 4.0 SP4
 - Microsoft Windows NT Enterprise Server 4.0 SP3
 - Microsoft Windows NT Enterprise Server 4.0 SP2
 - Microsoft Windows NT Enterprise Server 4.0 SP1
 - Microsoft Windows NT Enterprise Server 4.0
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6
 - Microsoft Windows NT Server 4.0 SP5
 - Microsoft Windows NT Server 4.0 SP4
 - Microsoft Windows NT Server 4.0 SP3
 - Microsoft Windows NT Server 4.0 SP2
 - Microsoft Windows NT Server 4.0 SP1
 - Microsoft Windows NT Server 4.0
 - Microsoft Windows NT Terminal Server 4.0 SP6
 - Microsoft Windows NT Terminal Server 4.0 SP5
 - Microsoft Windows NT Terminal Server 4.0 SP4
 - Microsoft Windows NT Terminal Server 4.0 SP3
 - Microsoft Windows NT Terminal Server 4.0 SP2
 - Microsoft Windows NT Terminal Server 4.0 SP1
 - Microsoft Windows NT Terminal Server 4.0 alpha
 - Microsoft Windows NT Terminal Server 4.0
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6
 - Microsoft Windows NT Workstation 4.0 SP5
 - Microsoft Windows NT Workstation 4.0 SP4
 - Microsoft Windows NT Workstation 4.0 SP3
 - Microsoft Windows NT Workstation 4.0 SP2
 - Microsoft Windows NT Workstation 4.0 SP1
 - Microsoft Windows NT Workstation 4.0
 - Microsoft Windows XP Home
- Microsoft Windows XP Professional
- RedHat Linux 7.2 ia64
 - RedHat Linux 7.2 i386
 - RedHat Linux 7.2 alpha
 - RedHat Linux 7.1 i386
 - RedHat Linux 7.1 alpha
 - RedHat Linux 7.0 sparc
 - RedHat Linux 7.0 i386
 - RedHat Linux 7.0 alpha
 - RedHat Linux 6.2 sparc
 - RedHat Linux 6.2 i386
 - RedHat Linux 6.2 alpha
 - S.u.S.E. Linux 7.3 sparc
 - S.u.S.E. Linux 7.3 ppc
 - S.u.S.E. Linux 7.3 i386
 - S.u.S.E. Linux 7.2 i386
 - S.u.S.E. Linux 7.1 x86
 - S.u.S.E. Linux 7.1 sparc
 - S.u.S.E. Linux 7.1 ppc
 - S.u.S.E. Linux 7.1 alpha
 - S.u.S.E. Linux 7.0 sparc
 - S.u.S.E. Linux 7.0 ppc
 - S.u.S.E. Linux 7.0 i386
 - S.u.S.E. Linux 7.0 alpha
 - Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
 - Sun Solaris 8
 - Sun Solaris 7.0_x86
 - Sun Solaris 7.0
 - Sun Solaris 2.6_x86
 - Sun Solaris 2.6
Not Vulnerable: Jetty Jetty 4.1.1
Jetty Jetty 4.1 .0







 

Privacy Statement
Copyright 2008, SecurityFocus