CVE-2007-1036
новости
/
статьи
/
форум
/
программы
/
реклама
/
поиск
/
эксплоиты
[RU]
switch to
English
Version
CVE
CVE-2007-1036
Статус
Candidate
Описание
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
Важность
High
CVSS score
10
CVSS vector
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Phase
Assigned (20.02.2007)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1036
References
BUGTRAQ :
20070220 Jboss vulnerability
BUGTRAQ :
20070220 Re: Jboss vulnerability
BUGTRAQ :
20070220 Re: Jboss vulnerability
CERT-VN :
VU#632656
MISC :
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss
MISC :
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureThe...
SECTRACK :
1017677
XF :
jboss-admin-unauth-access(32596)
SecurityVulns:
Небезопасная конфигурация по-умолчанию в JBoss (insecure defaults)
О сайте
|
Условия использования
©
SecurityVulns
,
3APA3A
, Владимир Дубровин
Нижний Новгород
Enter your search terms
Web
securityvulns.ru
Submit search form
test server
