Short Name |
HTTP:CISCO:SERVLETEXEC |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco Collaboration Server ServletEXEC File Upload |
Release Date |
2004/08/18 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit the known vulnerability in the ServletEXEC utility packaged with Cisco Collaboration Server versions earlier than 5.0. A successful attack can allow the attacker to upload files and gain access with administrative permissions.
Sun One Application Server is prone to an undisclosed file disclosure vulnerability. This vulnerability allows remote attackers to gain access to the contents of potentially sensitive files, possibly aiding them in further system compromise. Further details are not available at this time. This BID will be updated as more information is made available.