Oracle GlassFish Server 2.1.1 / 3.0.1 / 3.1.2 Multiple Vulnerabilities (October 2013 CPU)
Medium Nessus Network Monitor Plugin ID 9000
SynopsisThe remote web server is affected by multiple vulnerabilities.
DescriptionOracle GlassFish versions 2.1.1, 3.0.1, and 3.1.2 are affected by the following vulnerabilities :/n/n - The Java Server Faces is prone to multiple directory traversal vulnerabilities/n - The Metro component is affected by a remote security vulnerability which can be exploited via SOAP/n - The Metro component is also affected by a potential DoS condition which can be exploited via SOAP/n
SolutionUpgrade to GlassFish Server 18.104.22.168 / 22.214.171.124 / 126.96.36.199 or later.