Detections
Analytics
Sun GlassFish Server 3.0 Preview Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 5151
Synopsis
The remote host is vulnerable to multiple attack vectors.Description
The remote host is running the Sun GlassFish Server 3.0 Preview. This versions is potentially affected by multiple issues :- An information disclosure vulnerability affects the 'filename' and 'file' parameters of the 'jsft_resource.jsf' script.
- An information disclosure vulnerability affects the 'file' and 'filename' parameters of the 'scale_static_resource.jsf' script.
Solution
Use the current stable version 2 of Sun GlassFish Enterprise Server.See Also
https://www.sec-consult.com/files/20090901_jsftemplating_filedisclosure.txt
Plugin Details
Severity: Medium
ID: 5151
Family: Web Servers
Published: 9/2/2009
Updated: 3/6/2019
Vulnerability Information
Patch Publication Date: 9/1/2009
Vulnerability Publication Date: 9/1/2009
Reference Information
BID: 36204