CVE-2010-0219

Published: 18/10/2010 Updated: 10/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web service.

Vulnerable Product

apache axis2 1.3

apache axis2 1.4

apache axis2 1.5.2

apache axis2 1.6

apache axis2 1.5

apache axis2 1.4.1

apache axis2 1.5.1

sap businessobjects 3.2

Exploits

Rapid7 Security Advisory - The SAP BusinessObjects product contains a module (dswsbobje.war) which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone with access to the Axis2 port can gain full access to the machine via arbitrary remote code execution. This requires the attacker to upload a m ...
## # $Id: axis2_deployer.rb 11330 2010-12-14 17:26:44Z egypt $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' clas ...
## # $Id: axis2_deployer_rest.rb 11330 2010-12-14 17:26:44Z egypt $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' ...
Computer Associates ARCserve D2D r15 Web Service Apache Axis2 World Accessible Servlet Code Execution Vulnerability PoC. Product homepage: support.ca.com/phpdocs/0/8363/support/arcserved2d_support.html. Vulnerability: The Tomcat Server, which listens for incoming connections on port 8014, carries a world accessible Apache Axis2 Web Service ...

Github Repositories

Is it easier to fix the application than to detect attacks? It is obviously best not to have any exploitable vulnerabilities at all. Then again, vulnerabilities are always unknown at first, so having intrusion detection and to verify the system integrity is at least some kind of countermeasure, especially if the detecting NIDS/HIDS can actively block traffic besides producing al