Lucene search

[email protected]NVD:CVE-2000-0629

HistoryJul 12, 2000 - 4:00 a.m.

CVE-2000-0629

2000-07-1204:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.9%

JSON

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.

Affected configurations

NVD

Node

sunjava_system_web_serverMatch1.1.3

sunjava_system_web_serverMatch2.0

References

archives.neohapsis.com/archives/bugtraq/2000-07/0163.html

www.securityfocus.com/bid/1459

www.sun.com/software/jwebserver/faq/jwsca-2000-02.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.9%

JSON

Related for NVD:CVE-2000-0629

nessus1 cve1 cvelist1