JRun Directory Traversal Network Vulnerability

Summary

This host is running the Allaire JRun web server. Versions 2.3.3, 3.0, and 3.1 are vulnerable to a directory traversal attack. This allows a potential intruder to view the contents of any file on the system.

Solution

The vendor has addressed this issue in Macromedia Product Security Bulletin MPSB01-17. Please upgrade to the latest version of JRun available from http://www.allaire.com/

Severity

Classification

CVE CVE-2001-1544

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Struts2 showcase namespace XSS Vulnerability
/cgi-bin directory browsable ?
Apache Archiva Home Page Cross-Site Scripting vulnerability
Apple Safari Multiple Vulnerabilities
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

JRun directory traversal

Take action and discover your vulnerabilities