Summary
This host is running the Sun JavaServer. This
server has the default username and password
of admin. An attacker can use this to gain
complete control over the web server
configuration and possibly execute commands.
Solution
Set the web administration interface to require a
complex password. For more information please
consult the documentation located in the /system/ directory of the web server.
Severity
Classification
-
CVE CVE-1999-0508 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Reader Unspecified Vulnerability (Windows)
- Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
- Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
- Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Win)