icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sun GlassFish Server 3.0 Preview Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running the Sun GlassFish Server 3.0 Preview. This versions is potentially affected by multiple issues :

- An information disclosure vulnerability affects the 'filename' and 'file' parameters of the 'jsft_resource.jsf' script.

- An information disclosure vulnerability affects the 'file' and 'filename' parameters of the 'scale_static_resource.jsf' script.

Solution

Use the current stable version 2 of Sun GlassFish Enterprise Server.