Vulnerabilities > CVE-2000-0629 - Unspecified vulnerability in SUN Java System web Server 1.1.3/2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | CGI abuses |
NASL id | BBOARD.NASL |
description | The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10507 |
published | 2000-09-10 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10507 |
title | Sun Java Web Server bboard Servlet Command Execution |