CVE-2000-0629
CVSS7.5
发布时间 :2000-07-12 00:00:00
修订时间 :2008-09-10 15:05:28
NMCOS    

[原文]The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.


[CNNVD]Sun Java Web服务器漏洞(CNNVD-200007-029)

        Sun Java web server 2.0版本及之前版本的默认配置存在漏洞。远程攻击者可以借助board.html通过上传Java代码到服务器然后直接调用JSP编译控制器来执行任意命令。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:sun:java_system_web_server:2.0
cpe:/a:sun:java_system_web_server:1.1.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0629
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0629
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200007-029
(官方数据源) CNNVD

- 其它链接及资源

http://www.sun.com/software/jwebserver/faq/jwsca-2000-02.html
(VENDOR_ADVISORY)  MISC  http://www.sun.com/software/jwebserver/faq/jwsca-2000-02.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0163.html
(VENDOR_ADVISORY)  BUGTRAQ  20000711 Sun's Java Web Server remote command execution vulnerability
http://www.securityfocus.com/bid/1459
(UNKNOWN)  BID  1459

- 漏洞信息

Sun Java Web服务器漏洞
高危 其他
2000-07-12 00:00:00 2005-10-20 00:00:00
远程※本地  
        Sun Java web server 2.0版本及之前版本的默认配置存在漏洞。远程攻击者可以借助board.html通过上传Java代码到服务器然后直接调用JSP编译控制器来执行任意命令。

- 公告与补丁

        
        Sun Java Web Server 1.1.3
        
        Sun Java Web Server 2.0
        

- 漏洞信息

406
Sun Java Web Server bboard Servlet Command Execution
Input Manipulation
Loss of Integrity Patch / RCS
Vendor Verified

- 漏洞描述

- 时间线

2000-07-11 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Sun Java Web Server Vulnerability
Origin Validation Error 1459
Yes Yes
2000-07-12 12:00:00 2009-07-11 02:56:00
This information was initially released by CERT/CC and posted to the Bugtraq mailing list on February 2, 2000. Sun Microsystems released an FAQ in specific to their Java Webserver on February 15, 2000. An advisory detailing specifics not mentioned in the S

- 受影响的程序版本

Sun Java Web Server 2.0
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Sun Solaris 2.5.1 _x86
- Sun Solaris 2.5.1 _ppc
- Sun Solaris 2.5.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86HW5/98
- Sun Solaris 2.6_x86HW3/98
- Sun Solaris 2.6_x86
- Sun Solaris 2.6 HW5/98
- Sun Solaris 2.6 HW3/98
- Sun Solaris 2.6
- Sun Solaris 2.5_x86
- Sun Solaris 2.5
Sun Java Web Server 1.1.3
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Sun Solaris 2.5.1 _x86
- Sun Solaris 2.5.1 _ppc
- Sun Solaris 2.5.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86HW5/98
- Sun Solaris 2.6_x86HW3/98
- Sun Solaris 2.6_x86
- Sun Solaris 2.6 HW5/98
- Sun Solaris 2.6 HW3/98
- Sun Solaris 2.6
- Sun Solaris 2.5_x86
- Sun Solaris 2.5

- 漏洞讨论

In February of 2000 CERT Coordination Center released an advisory titled "Malicious HTML Tags Embedded in Client Web Requests" (advisory attached in 'Credit' section"). This advisory was a joint release by the CERT Coordination Center, DoD-CERT, the DoD Joint Task Force for Computer Network Defense (JTF-CND), the Federal Computer Incident Response Capability (FedCIRC), and the National Infrastructure Protection Center (NIPC). The point of the advisory in essence was a warning about client side vulnerabilities brought about by malicious scripting from Rogue websites which could be exploited to run code on client side browsers (acting as unwary interpreters for the scripting in question). Shortly after this advisory was released Sun Microsystems released a FAQ (attached in 'Credit' section") for their Java(TM) Web Server detailing how this type of vulnerability could be used to exploit their actual webserver via the example scripts shipped with the product.

Somewhat later this already public information was expounded upon in a security advisory posted to Bugtraq with precise details on how to exploit this vulnerability provided users had not already heeded the Sun or CERT notice on this issue.

- 漏洞利用

Example code for this vulnerability is included in the Foundstone, Inc. advisory attached in 'Credit' section".

- 解决方案

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站