JRun Multiple Vulnerabilities (OF, XSS, ID, Hijacking)

Medium Nessus Plugin ID 14810


The remote web application server is affected by multiple flaws.


The remote host is running JRun, a J2EE application server running on top of IIS or Apache. There are multiple flaws in the remote version of this software :

- The JSESSIONID variable is not implemented securely. An attacker may use this flaw to guess the session id number of other users. Only JRun 4.0 is affected.

- There is a code disclosure issue that may allow an attacker to obtain the contents of a .cfm file by appending ';.cfm' to the file name.
Only the Microsoft IIS connector and JRun 4.0 are affected.

- There is a buffer overflow vulnerability if the server connector is configured in 'verbose' mode. An attacker may exploit this flaw to execute arbitrary code on the remote host.


Apply the appropriate patch / updater referenced in the vendor advisories above.

See Also






Plugin Details

Severity: Medium

ID: 14810

File Name: jrun_multiple_flaws.nasl

Version: $Revision: 1.21 $

Type: remote

Family: Web Servers

Published: 2004/09/24

Modified: 2011/10/14

Dependencies: 67257, 10107, 11919, 17975

Risk Information

Risk Factor: Medium


Base Score: 5.1

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 2004/09/23

Vulnerability Publication Date: 2004/09/23

Reference Information

CVE: CVE-2004-0646, CVE-2004-0928, CVE-2004-1477, CVE-2004-1478, CVE-2004-2182

BID: 11245, 11331, 11411, 11413, 11414

OSVDB: 10238, 10239, 10240, 10546, 19753

CWE: 287