Affected program:
JRun
Description:
Unauthorized WEB-INF read vulnerability in Allaire JRun
Details:
A serious security vulnerability exists in Allaire JRun Server 2.3. It allows an attacker to view the WEB-INF directory on a JRun 3.0 server.
If a request URL is malformed by inserting an extra '/' immediately after the host and port, every subdirectory under WEB-INF is listed. WEB-INF holds the web application's deployment descriptor (web.xml), its compiled classes and its libraries, and a servlet container must never serve it directly; the extra slash bypasses the restriction JRun places on that directory. An attacker can exploit this to read every file under the WEB-INF directory of the target host remotely.
For example, the following URL (note the double slash after the port) exposes all files under WEB-INF:
http://site.running.jrun:8100//WEB-INF/
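The bypass described above is a path-normalization failure: a check that looks at the raw request path sees "//WEB-INF/" and "/WEB-INF/" as different strings. The following Python is an added example, not JRun's code or Allaire's patch. It puts an illustrative flawed check beside a hardened one that canonicalizes the path first, then runs the hardened check over a few constructed access-log lines (the IP addresses, timestamps and sizes are made up) to flag probes for this issue. The double-slash form is the one the advisory names; the percent-encoded and dot-segment variants are the same class of bypass and are included as assumptions about what a container must also normalize.

```python
import posixpath
import re
from urllib.parse import unquote

# Illustrative flawed check (modelled on the behaviour the advisory describes,
# not JRun's actual source): it compares the raw path, so "//WEB-INF/" does
# not start with "/WEB-INF" and is allowed through.
def naive_is_protected(raw_path: str) -> bool:
    return raw_path.upper().startswith("/WEB-INF")


def canonical_path(raw_path: str) -> str:
    """Decode percent-escapes once, collapse repeated slashes, resolve '.' and '..'.

    posixpath.normpath deliberately preserves a leading '//', so the slashes are
    collapsed with a regex before normalization.
    """
    decoded = unquote(raw_path)
    collapsed = re.sub(r"/+", "/", "/" + decoded)
    return posixpath.normpath(collapsed)


def hardened_is_protected(raw_path: str) -> bool:
    """True when the request, once canonicalized, targets the WEB-INF tree."""
    segments = canonical_path(raw_path).split("/")
    first = segments[1] if len(segments) > 1 else ""
    return first.upper() == "WEB-INF"


# Constructed common-log-format lines for demonstration only.
SAMPLE_LOG = [
    '10.0.0.5 - - [20/Oct/2000:10:01:12 +0000] "GET /index.jsp HTTP/1.0" 200 1523',
    '10.0.0.7 - - [20/Oct/2000:10:02:40 +0000] "GET //WEB-INF/ HTTP/1.0" 200 812',
    '10.0.0.7 - - [20/Oct/2000:10:02:41 +0000] "GET //WEB-INF/web.xml HTTP/1.0" 200 2210',
    '10.0.0.9 - - [20/Oct/2000:10:03:05 +0000] "GET /WEB-INF/web.xml HTTP/1.0" 403 0',
    '10.0.0.9 - - [20/Oct/2000:10:03:06 +0000] "GET /app/..%2FWEB-INF/classes/ HTTP/1.0" 404 0',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def scan_log(lines):
    """Return (ip, path, status) for every request that resolves into WEB-INF.

    A 200 on such a request is evidence the container served the directory;
    403/404 entries still show someone probing for the issue.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("target").split("?", 1)[0]  # drop any query string
        if hardened_is_protected(path):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


if __name__ == "__main__":
    probe = "//WEB-INF/web.xml"
    print("naive check blocks probe:   ", naive_is_protected(probe))
    print("hardened check blocks probe:", hardened_is_protected(probe))
    for ip, path, status in scan_log(SAMPLE_LOG):
        print(f"{ip} {status} {path} -> {canonical_path(path)}")
```

The same canonicalize-then-decide order applies to any container-level or reverse-proxy rule that is supposed to fence off WEB-INF: decide on the normalized path, and treat a 200 for a normalized path under WEB-INF in the access log as a disclosure, not a probe.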
Affected systems:
Allaire JRun 3.0
(The description above also names JRun 2.3, and the patch file names below, jr233p, belong to the 2.3.3 line. Check the installed version against Allaire's bulletin rather than assuming a 2.3.x server is unaffected, and after patching re-request the double-slash URL to confirm the listing is gone.)
Solution:
Download and install the patch for your platform:
Allaire patch jr233p_ASB00_28_29 (Windows 95/98/NT/2000 and Windows NT Alpha):
http://download.allaire.com/jrun/jr233p_ASB00_28_29.zip
Allaire patch jr233p_ASB00_28_29.tar.gz (UNIX/Linux, GNU gzip/tar archive):
http://download.allaire.com/jrun/jr233p_ASB00_28_29.tar.gz