Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Sun GlassFish Server 3.0 Preview Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running the Sun GlassFish Server 3.0 Preview. This versions is potentially affected by multiple issues :

- An information disclosure vulnerability affects the 'filename' and 'file' parameters of the 'jsft_resource.jsf' script.

- An information disclosure vulnerability affects the 'file' and 'filename' parameters of the 'scale_static_resource.jsf' script.

Solution

Use the current stable version 2 of Sun GlassFish Enterprise Server.