|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> Allaire JRun directory browsing vulnerability Vulnerability Assessment Details
|
Allaire JRun directory browsing vulnerability |
||
Allaire JRun directory browsing vulnerability Detailed Explanation for this Vulnerability Assessment Allaire JRun 3.0/3.1 under a Microsoft IIS 4.0/5.0 platform has a problem handling malformed URLs. This permits a remote user to browse the file system under the web root (normally \inetpub\wwwroot). Under Windows NT/2000(any service pack) and IIS 4.0/5.0: - JRun 3.0 (all editions) - JRun 3.1 (all editions) Upon sending a specially formed request to the web server, containing a '.jsp' extension makes the JRun handle the request. Example: http://www.victim.com/%3f.jsp This vulnerability permits anyone with remote access to the web server to browse it and any directory within the web root. Solution: >From Macromedia Product Security Bulletin (MPSB01-13) http://www.allaire.com/handlers/index.cfm?ID=22236&Method=Full Macromedia recommends, as a best practice, turning off directory browsing for the JRun Default Server in the following applications: - Default Application (the application with '/' mapping that causes the security problem) - Demo Application Also, make sure any newly created web application that uses the '/' mapping has directory browsing off. The changes that need to be made in the JRun Management Console or JMC: - JRun Default Server/Web Applications/Default User Application/File Settings/Directory Browsing Allowed set to FALSE. - JRun Default Server/Web Applications/JRun Demo/File Settings/ Directory Browsing Allowed set to FALSE. Restart the servers after making the changes and the %3f.jsp request should now return a 403 forbidden. When this bug is fixed, the request (regardless of directory browsing setting) should return a '404 page not found'. The directory browsing property is called [file.browsedirs]. Changing the property via the JMC will cause the following changes: JRun 3.0 will write [file.browsedirs=false] in the local.properties file. (server-wide change) JRun 3.1 will write [file.browsedirs=false] in the webapp.properties of the application. Network Security Threat Level: Medium Networks Security ID: 3592 Vulnerability Assessment Copyright: This script is Copyright (C) 2001 Felix Huber |
||
Cables, Connectors |
$16000.00
IBM Power S822 12-Bay Server System Power8 Core 3.42Ghz DVD-Rom Drive 64GB No HD
$399.99
IBM Power 720 POWER7 00E6516 3.6GHz CPU 64GB RAM Server
$209.98
IBM 7944AC1 System x3550 M3 Server 1*Intel Xeon X5650 2.67GHz 4GB SEE NOTES
$26.97
IBM Power 740 8205-E6C Express 8-SFF Power7 3.55GHz CPU 64GB RAM *No HDD* Server
$191.99
$100.00
Lenovo IBM x3500 M5 Tower Server E5-2670 V3 2.30GHz
$999.99
IBM SYSTEM x3200 M2 Server - HDD wiped, No OS
$75.00
IBM 8203 E4A p520 Server 8203-E4A 4.2GHz 2-Core POWER6 32GB RAM / NO HDD USED
$99.99
1U IBM x3550 M5 4 Bay SFF SAS3 Server 2x E5-2683 V3 28 Core 128GB DDR4 2x Tray
$318.00
|
||
No Discussions have been posted on this vulnerability. |