Title: Allaire JRun JSP Source Disclosure Vulnerability
Severity: HIGH
Description:
Allaire JRun is a web application development suite with JSP and Java Servlets.
An issue exists in Allaire JRun Web Server which has the potential to disclose sensitive information to remote attackers.
JRun Web Server does not properly handle certain types of web requests for JSP files, such as those containing HTML encoded characters or requests which are appended by a null character(%00). Such a request will cause JSP source code to be disclosed instead of interpreted by JRun Web Server.
This issue can be exploited with the following examples:
http://target/directory/jsp/myjsp%00
http://target/directory/jsp/myjs%2570
This is also a known issue when Microsoft IIS is used as a connector for serving JSP files.
Affected Products:
- Macromedia JRun 3.0.0
- Macromedia JRun 3.1.0
References:
- Macromedia: Macromedia Product Security Bulletin (MPSB01-15)
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
