CVE-2009-2445 - OpenCVE

Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Sun	Java System Web Server

Configuration 1 [-]

OR	cpe:2.3:a:sun:java_system_web_server:6.1::windows:::::
	cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp11:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:7.0:update_5:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:7.0:update_6:windows:::::*

References

Link	Resource
http://isowarez.de/SunOne_Webserver.txt	Exploit
http://jvn.jp/en/jp/JVN47124169/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069
http://secunia.com/advisories/35701	Vendor Advisory
http://securitytracker.com/id?1022511	Exploit
http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1	Vendor Advisory
http://www.osvdb.org/55655
http://www.vupen.com/english/advisories/2009/1786	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-07-13T17:00:00

Updated: 2009-09-01T09:00:00

Reserved: 2009-07-13T00:00:00

Link: CVE-2009-2445

JSON object: View

NVD Information

Status : Analyzed

Published: 2009-07-13T17:30:00.187

Modified: 2011-08-29T04:00:00.000

Link: CVE-2009-2445

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-07-06T00:00:00", "descriptions": [{"lang": "en", "value": "Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-09-01T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "JVN#47124169", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN47124169/index.html"}, {"name": "266429", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1"}, {"name": "35701", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35701"}, {"name": "ADV-2009-1786", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1786"}, {"name": "JVNDB-2009-002069", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069"}, {"name": "55655", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/55655"}, {"name": "1022511", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1022511"}, {"tags": ["x_refsource_MISC"], "url": "http://isowarez.de/SunOne_Webserver.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2445", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVN#47124169", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN47124169/index.html"}, {"name": "266429", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1"}, {"name": "35701", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35701"}, {"name": "ADV-2009-1786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1786"}, {"name": "JVNDB-2009-002069", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069"}, {"name": "55655", "refsource": "OSVDB", "url": "http://www.osvdb.org/55655"}, {"name": "1022511", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1022511"}, {"name": "http://isowarez.de/SunOne_Webserver.txt", "refsource": "MISC", "url": "http://isowarez.de/SunOne_Webserver.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-2445", "datePublished": "2009-07-13T17:00:00", "dateReserved": "2009-07-13T00:00:00", "dateUpdated": "2009-09-01T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:*:windows:*:*:*:*:*", "matchCriteriaId": "DCFD3C8D-6E79-4DA6-A600-D952C8E5A151", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:*:*:*:*:*", "matchCriteriaId": "A7BDC9E6-87C4-4AE1-AEAD-518CCFF853E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp11:windows:*:*:*:*:*", "matchCriteriaId": "BC9F5EA1-0CE5-417E-AE65-F4C47376DEEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:*:*:*:*:*", "matchCriteriaId": "A018481B-EB48-4C4E-A1E4-324DCC437441", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:*:*:*:*:*", "matchCriteriaId": "B0FEC983-91A6-4708-8308-B77B0FD2D9DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:*:*:*:*:*", "matchCriteriaId": "431D609A-AA61-4C7C-8F4A-8B01DB2E32E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:*:*:*:*:*", "matchCriteriaId": "37CBE122-47ED-4659-B15A-55FAF15BA63C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:*:*:*:*:*", "matchCriteriaId": "E3866A08-0CFA-473D-BBE5-4736282A6446", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:*:*:*:*:*", "matchCriteriaId": "4541C58C-45F1-4F17-82B9-E33BE693D8DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:7.0:update_5:windows:*:*:*:*:*", "matchCriteriaId": "5DE90647-CF0D-4920-9F7A-B13572D7D71A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:7.0:update_6:windows:*:*:*:*:*", "matchCriteriaId": "C705F770-5086-4926-A110-A32D4170B8A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI."}, {"lang": "es", "value": "iPlanet Web Server de Oracle (anteriormente Sun Java System Web Server o Sun ONE Web Server) versi\u00f3n 6.1 anterior a SP12, y versi\u00f3n 7.0 hasta Update 6, cuando se ejecutan en Windows, permite a los atacantes remotos leer archivos JSP arbitrarios por medio de una sintaxis de flujo de datos alternativa, como es demostrado por un URI .jsp::$DATA."}], "id": "CVE-2009-2445", "lastModified": "2011-08-29T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-07-13T17:30:00.187", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://isowarez.de/SunOne_Webserver.txt"}, {"source": "cve@mitre.org", "url": "http://jvn.jp/en/jp/JVN47124169/index.html"}, {"source": "cve@mitre.org", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35701"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1022511"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/55655"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1786"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}