Sun GlassFish Enterprise Server Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5030
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running the Sun GlassFish Enterprise Server earlier than 2.1 Patch02. Such versions are reportedly affected by multiple vulnerabilities :
- There are multiple input validation flaws that could lead to cross-site scripting attacks.
- A local denial of service vulnerability in the HTTP engine.
SolutionSun has release a fix for this version of their server. Apply the referenced patches.