Unify eWave ServletExec 3 JSP Source Disclosure Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HT...

Unify eWave ServletExec 3.0 c DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack ...

jsp vulnerabilities and solutions-vulnerability warning-the black bar safety net

Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...

JSP vulnerabilities large-vulnerability warning-the black bar safety net

Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...

JSP vulnerabilities large-vulnerability warning-the black bar safety net

Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...

CVE-2000-0498

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...

CVE-2000-0498

The CVE-2000-0498 vulnerability affects Unify eWave ServletExec. A remote attacker could view the source code of a JSP program by requesting a URL that uses the JSP extension in uppercase. Connected sources confirm the affected product and the exact attack vector; PT-2000-1436 notes no informatio...

Unify eWave ServletExec 3.0C UploadServlet Unprivileged File Upload

ServletExec has a servlet called 'UploadServlet' in its server side classes. UploadServlet, when invokable, allows an attacker to upload any file to any directory on the server. The uploaded file may have code that can later be executed on the server, leading to remote command execution...

Unify eWave ServletExec 3 - .JSP Source Disclosure

Unify eWave ServletExec 3 - .JSP Source Disclosure...

Unify eWave ServletExec 3 - .JSP Source Disclosure

source : https://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HTTP request is appended with one of...

Unify eWave ServletExec upload

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Unify eWave ServletExec upload ---------------------------------------------------------------------- FS Advisory ID: FS-103100-16-SRVX Release Date: October 31, 2000 Product: Unify eWave ServletExec 3.0C...

Unify eWave ServletExec DoS

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Unify eWave ServletExec DoS ---------------------------------------------------------------------- FS Advisory ID: FS-103000-15-SRVX Release Date: October 30, 2000 Product: Unify eWave ServletExec 3.0C Vendo...

Unify eWave ServletExec 3.0 c - Denial of Service

source: https://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack if a URL invoking the ServletExec...

CVE-2000-0498

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...

PT-2000-1436 · Unify · Unify Ewave Servletexec

Name of the Vulnerable Software and Affected Versions: Unify eWave ServletExec affected versions not specified Description: The issue allows a remote attacker to view the source code of a JSP program. This can be achieved by requesting a URL that provides the JSP extension in upper case...

Potential vulnerability in Unify eWave ServletExec

Niclas Vikstrom [email protected] brought this to my attention. Unify eWave ServletExec http://www.servletexec.com/ is a Java Server Pages JSP processing environment which runs on IIS amongst a variety of other platforms and OS'. JSP is similar to ASP in that it allows server-side source...