ID

VAR-201008-0391


TITLE

ServletExec Directory Traversal and Validation Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2010-1596

DESCRIPTION

ServletExec is a JSP and Java Servlet engine that is used as a plugin for popular web servers like Apache, IIS, Netscape, and more. ServletExec has multiple security vulnerabilities that allow malicious users to obtain sensitive information or bypass security restrictions.
- The input to the "page" parameter passed to servlet/pagecompile._admin._help._helpContent_xjsp is not validated when it is used to display the file, so an attacker can obtain arbitrary file content through directory traversal.
- Precompiled JSP pages in the management interface are not validated; direct access to precompiled pages in the "Servlet Exec Admin" package bypasses administrator authentication (e.g. servlet/pagecompile._admin._userMgt_xjsp).
ServletExec is prone to a directory-traversal vulnerability and multiple authentication-bypass vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Versions prior to ServletExec 6.0.0.2_39 are vulnerable.

Trust: 0.81

sources: CNVD: CNVD-2010-1596 // BID: 42411

IOT TAXONOMY

category: ['Network device']; sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-1596

AFFECTED PRODUCTS

vendor: newatlanta; model: servletexec; scope: eq; version: 6.x

Trust: 0.6

sources: CNVD: CNVD-2010-1596

THREAT TYPE

network

Trust: 0.3

sources: BID: 42411

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 42411

PATCH

title: ServletExec directory traversal and validation bypassing patches; url: https://www.cnvd.org.cn/patchinfo/show/824

Trust: 0.6

sources: CNVD: CNVD-2010-1596

EXTERNAL IDS

db: BID; id: 42411

Trust: 0.9

db: CNVD; id: CNVD-2010-1596

Trust: 0.6

sources: CNVD: CNVD-2010-1596 // BID: 42411

REFERENCES

url: http://www.mindedsecurity.com/msa260209.html

Trust: 0.6

url: http://www.mindedsecurity.com/msa260209.html

Trust: 0.3

url: http://www.newatlanta.com/products/servletexec/index.jsp

Trust: 0.3

sources: CNVD: CNVD-2010-1596 // BID: 42411

CREDITS

Stefano Di Paola; Giorgio Fedon

Trust: 0.3

sources: BID: 42411

SOURCES

db: CNVD; id: CNVD-2010-1596
db: BID; id: 42411

LAST UPDATE DATE

2022-05-17T22:51:30.732000+00:00

SOURCES UPDATE DATE

db: CNVD; id: CNVD-2010-1596; date: 2010-08-13T00:00:00
db: BID; id: 42411; date: 2010-08-12T00:00:00

SOURCES RELEASE DATE

db: CNVD; id: CNVD-2010-1596; date: 2010-08-13T00:00:00
db: BID; id: 42411; date: 2010-08-12T00:00:00