Vulnerabilities > CVE-2000-0629 - Unspecified vulnerability in SUN Java System web Server 1.1.3/2.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sun

nessus

NVD

Published: 2000-07-12

Updated: 2008-09-10

Summary

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN Java System WEB Server 1.1.3 SUN Java System WEB Server 2.0	2

Nessus

NASL family	CGI abuses
NASL id	BBOARD.NASL
description	The
last seen	2020-06-01
modified	2020-06-02
plugin id	10507
published	2000-09-10
reporter	This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10507
title	Sun Java Web Server bboard Servlet Command Execution

Summary

Vulnerable Configurations

Nessus

References