CVE-2000-0812

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag...

CVE-2000-0812

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag...

CVE-2000-0684

BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file...

CVE-2000-0629

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet...

MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability

MDMA Advisory 6 by Andrew Lewis aka. Wizdumb EServ Logging Heap Overflow Vulnerability EServ has problems handling long strings in its logging, which leads it to have a remotely exploitable heap overflow. The following code, written in Java coz it's my language of choice, demonstrates the...