Java Debug Wire Protocol Detection

High Nessus Plugin ID 58400


A debugger service is running on the remote host.


A Java Debug Wire Protocol (JDWP) server was detected on the remote host. This is a network protocol that allows debugging of a remote Java virtual machine. Authentication is not required to access this service. A remote, unauthenticated attacker could connect to this service and execute arbitrary Java code.

Depending on the application being debugged, it is possible that this service will stop running after it has been detected by Nessus. As such, this plugin only runs if 'Safe checks' have been disabled.


Filter incoming traffic to this port or disable this service.

See Also

Plugin Details

Severity: High

ID: 58400

File Name: jdwp_detect.nasl

Version: $Revision: 1.4 $

Type: remote

Published: 2012/03/20

Modified: 2017/07/10

Dependencies: 11153

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:oracle:jre

Required KB Items: Settings/ThoroughTests