The CGI viewsource.jsp is installed.
This CGI allows an attacker to download any file
from the remote host, with the privileges of
the web server.
Solution: Remove the JSP sample files or upgrade to JRUN 2.3.3 or higher.
Risk factor : High
See also : http://www.macromedia.com/devnet/security/security_zone/asb00-15.html
BugTraq ID: 1386|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0540
Allaire Security Bulletin: ASB00-015
XForce ISS Database: jrun-read-sample-files(4774)
|Copyright||This script was written by Renaud Deraison|
|This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.