| VID |
22115 |
| Severity |
40 |
| Port |
9090 |
| Protocol |
TCP |
| Class |
Servlet |
| Detailed Description |
The Sun JavaServer has the default username and password of admin.
If the remote Sun JavaServer admin password has been changed, an attacker can use this to gain complete control over the web server configuration and possibly execute commands.
* References:
http://cgi.nessus.org/plugins/dump.php3?id=10995 |
| Recommendation |
Set the web administration interface to require a complex password.
For more information please consult the documentation located in the /system/ directory of the web server. |
| Related URL |
CVE-1999-0508 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
