| VID |
22114 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Servlet |
| Detailed Description |
The Allaire JRun web server has sample files installed that expose security issues. Several of the sample files that come with JRun contain serious security flaws. An attacker can use these scripts to relay web requests from this machine to another one or view sensitive configuration information. |
| Recommendation |
As a general security best practice, sample code and example applications should not be installed on production servers. Remove the sample files and any other files that are not required. |
| Related URL |
CVE-2000-0539,CVE-2000-0540 (CVE) |
| Related URL |
1386 (SecurityFocus) |
| Related URL |
4774 (ISS) |
|
