Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:JRUN-WEB-INF
Severity	Minor
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Allaire JRun WEB INF Directory Unauthenticated Access
Release Date	2016/11/29
Update Number	2807
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Allaire JRun WEB INF Directory Unauthenticated Access

This signature detects an attempt to exploit a known vulnerability against Allaire JRun. Successful exploitation could allow remote attackers to directly access the WEB-INF directory.

Extended Description

Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").

Affected Products

Macromedia jrun 3.0 (sp1)

References

CVE: CVE-2000-1050

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Allaire JRun WEB INF Directory Unauthenticated Access

Extended Description

Affected Products

References