EUVD-2001-0582

Malware in sbrugna...

Oracle JSP Apache/Jserv Path Translation Arbitrary JSP File Execution

Detects Vulnerability in the execution of JSPs outside docroot. A potential security vulnerability has been discovered in Oracle JSP releases 1.0.x through 1.1.1 in Apache/Jserv. This vulnerability permits access to and execution of unintended JSP files outside the docroot in Apache/Jserv. For...

CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' dot dot attack...

CVE-2001-0591

CVE-2001-0591 is a directory traversal vulnerability in Oracle JSP 1.0.x–1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 that allows remote attackers to read or execute arbitrary .jsp files via a '..' path traversal. The connected Nessus entry confirms the CVE is among Oracle Application Server vulnerab...

CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' dot dot attack...

Workaround for Unintended JSP Execution When Using Oracle Apache/JServ

Workaround for Unintended JSP Execution When Using Oracle Apache/JServ Description A potential security vulnerability has been discovered in Oracle JSP Releases 1.0.x through 1.0.2 when using Oracle Apache/JServ only. This vulnerability permits the execution of unintended or incorrect JSP files...

Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root

Georgi Guninski security advisory 36, 2001 Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root Systems affected: Oracle JSP/SQLJSP handlers, installed by default Oracle 8.1.7 Windows 2000 Have not tested on other versions but they may be vulnerable Risk: High Dat...