Vulnerabilities > CVE-2000-0540 - Unspecified vulnerability in Macromedia Jrun 2.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family CGI abuses NASL id JRUN.NASL description The version of JRun on the remote host has a directory traversal vulnerability in the last seen 2020-06-01 modified 2020-06-02 plugin id 10444 published 2000-06-22 reporter This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10444 title JRun viewsource.jsp Directory Traversal Arbitrary File Access NASL family CGI abuses NASL id DDI_JRUN_SAMPLE_FILES.NASL description This host is running the Allaire JRun web server and has sample files installed. Several of the sample files that come with JRun contain serious security flaws. An attacker can use these scripts to relay web requests from this machine to another one or view sensitive configuration information as well as all the session IDs that are currently in use by the server. Sample files should never be left on production servers. last seen 2020-06-01 modified 2020-06-02 plugin id 10996 published 2002-06-05 reporter This script is Copyright (C) 2002-2018 Digital Defense Inc. source https://www.tenable.com/plugins/nessus/10996 title JRun Multiple Sample Files Remote Information Disclosure