4 matches found
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...
DSquare Exploit Pack: D2SEC_SUNASP1
Name| d2secsunasp1 ---|--- CVE| CVE-2008-2402 Exploit Pack| D2ExploitPack Description| Sun Java System Active Server Pages Information Disclosure Notes|...
CVE-2008-2402
The Admin Server in Sun Java Active Server Pages ASP Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents...
CVE-2008-2402
CVE-2008-2402 involves Sun Java System Active Server Pages (ASP) Server prior to 4.0.3. The Admin Server stores sensitive information under the web root with insufficient access control, allowing remote attackers to read password hashes and configuration data via direct requests for unspecified d...