CVE-2008-2406

Sažetak

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=710
http://secunia.com/advisories/30523
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
http://www.securityfocus.com/bid/29539
http://www.securitytracker.com/id?1020191
http://www.vupen.com/english/advisories/2008/1742/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42833

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-08-2017 - 01:31

Objavljeno

04-06-2008 - 20:32