|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> Multiple vulnerabilities in OpenConnect WebConnect < 6.5.1 Vulnerability Assessment Details
|
Multiple vulnerabilities in OpenConnect WebConnect < 6.5.1 |
||
Checks for multiple vulnerabilities in OpenConnect WebConnect < 6.5.1 Detailed Explanation for this Vulnerability Assessment Summary : The remote web server contains a Java application that is vulnerable to multiple attacks. Description : The remote host is running OpenConnect WebConnect, a web-based graphical user interface that gives remote users console access to mainframe, midrange, and Unix systems using a Java-based telnet console which communicates securely over HTTP. OC WebConnect 6.44 and 6.5 (and possibly previous versions) have multiple remote vulnerabilities : - A remote attacker can bring about a denial of service by sending an HTTP GET or POST request with an MS-DOS device name in it (Windows platforms only). - A read-only directory traversal vulnerability in 'jretest.html' permits exposure of files formatted in an INI-style format (any platform). See also : http://cirt.dk/advisories/cirt-29-advisory.pdf Solution : Upgrade to OpenConnect WebConnect 6.5.1 or later. Network Security Threat Level: Low / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N) Networks Security ID: 12613 Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security |
||
Cables, Connectors |
Juniper Networks 740-061405 JNP-QSFP-100G-SR4 OM3 QSFP28 100GE 850nm100m 1PCS
$150.00
Juniper 740-061409 QSFP-100G-LR4 SMF 10km 1310nm 70C 100GBAS SMF Transceiver
$105.00
JUNIPER EX3400-48P 48x 1GB PoE+ RJ-45 4x 10GB SFP+ 2x 40GB QSFP+, DUAL AC POWER
$210.00
Juniper Networks EX3300 EX3300-48P 48-Port Gigabit PoE+ Switch
$40.12
Juniper QFX5100-48T-AFO 48x 10Gb RJ45, 6x QSFP 40GE & Dual AC
$699.00
Juniper EX4600-40F-AFI 24 SFP+/SFP Ports 4 QSFP+ Ports Dual AC Switch
$999.00
Juniper Networks EX4300-48T 48 Port Gigabit 4 QSFP 40G 2xPSU AFO Network Switch
$89.00
Juniper Networks EX3300-24P | 24 Port Gigabit Network Switch w/ Power cord
$53.99
Juniper Networks EX2300-C 12-Port 2XSFP Uplinks PoE+ Switch P/N: EX2300-C-12P
$299.99
New Factory Sealed Juniper EX2300-48P Networks 48-Port Managed Ethernet Sealed
$499.00
|
||
No Discussions have been posted on this vulnerability. |