The administration module in Sun Java web server allows remote malicious users to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun java system web server 1.1.2 |
||
sun java system web server 1.1.3 |
||
sun java system web server 1.1_beta |
||
sun java system web server 2.0 |