
Sun Java System ASP < 4.0.3 Multiple Vulnerabilities

Synopsis

The remote web server is affected by several vulnerabilities.

Description

The remote host is running Sun Java System Active Server Pages (ASP), or an older variant such as Sun ONE ASP or Chili!Soft ASP. The web server component of the installed version of Active Server Pages on the remote host is affected by several vulnerabilities:

- A flaw in an include file used by several of the administration server's ASP applications allows an attacker to write arbitrary data to a file specified by the attacker on the affected host. This issue does not affect ASP Server on a Windows platform (CVE-2008-2401).
- Password and configuration data are stored in the administration server's web root and can be retrieved without credentials. This issue does not affect ASP Server on a Windows platform (CVE-2008-2402).
- Multiple directory traversal vulnerabilities in several of the administration server's ASP applications can be abused to read or even delete arbitrary files on the affected host. This issue does not affect ASP Server on a Windows platform (CVE-2008-2403).
- A stack buffer overflow allows code execution in the context of the ASP server (by default root) and can be exploited without authentication (CVE-2008-2404).
- Several of the administration server's ASP applications fail to filter or escape user input before using it to generate commands that are then executed in a shell. While access to these applications nominally requires authentication, there are reportedly several methods of bypassing authentication (CVE-2008-2405).

Solution

Upgrade to Sun Java System ASP version 4.0.3 or later.