Vulnerability CVE-2009-2445 - CERT Civis.Net

Vulnerability Name:

CVE-2009-2445 (CCN-51547)

Assigned:

2009-07-06

Published:

2009-07-06

Updated:

2011-08-29

Summary:

Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2009-2445

Source: CCN
Type: isowarez Web site
Sun One WebServer 6.1 JSP Source Viewing vulnerability

Source: MISC
Type: Exploit
http://isowarez.de/SunOne_Webserver.txt

Source: JVN
Type: UNKNOWN
JVN#47124169

Source: JVNDB
Type: UNKNOWN
JVNDB-2009-002069

Source: CCN
Type: SA35701
Sun Java System Web Server Java Server Pages Content Disclosure

Source: SECUNIA
Type: Vendor Advisory
35701

Source: CCN
Type: SECTRACK ID: 1022511
Sun Java System Web Server Discloses JSP Source Code to Remote Users

Source: SECTRACK
Type: Exploit
1022511

Source: SUNALERT
Type: Vendor Advisory
266429

Source: OSVDB
Type: UNKNOWN
55655

Source: CCN
Type: OSVDB ID: 55655
Sun Java System Web Server ::$DATA Extension Request JSP Resource Disclosure

Source: CCN
Type: BID-35577
Sun Java System Web Server '.jsp' File Information Disclosure Vulnerability

Source: CCN
Type: Sun Microsystems Web site
Sun Java System Web Server

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1786

Source: XF
Type: UNKNOWN
jsws-javaserver-info-disclosure(51547)

Vulnerable Configuration:

Configuration 1:

cpe:/a:sun:java_system_web_server:6.1:*:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp10:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp11:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp4:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp5:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp6:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp7:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp8:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp9:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:7.0:update_5:windows:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:7.0:update_6:windows:*:*:*:*:*

Configuration CCN 1:

cpe:/a:sun:java_system_web_server:7.0:*:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp10:aix:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp11:windows:*:*:*:*:*

Denotes that component is vulnerable