ID CVE-2011-0807
Summary Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.
References
Vulnerable Configurations
  • Sun Java System Application Server 9.1
    cpe:2.3:a:sun:java_system_application_server:9.1
  • Oracle GlassFish Server 2.1
    cpe:2.3:a:oracle:glassfish_server:2.1
  • Oracle GlassFish Enterprise Server 2.1.1
    cpe:2.3:a:oracle:glassfish_server:2.1.1
  • Oracle GlassFish Server 3.0.1
    cpe:2.3:a:oracle:glassfish_server:3.0.1
CVSS
Base: 10.0 (as of 20-04-2011 - 11:43)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description Sun/Oracle GlassFish Server Authenticated Code Execution. CVE-2011-0807. Webapps exploit for jsp platform
id EDB-ID:17615
last seen 2016-02-02
modified 2011-08-05
published 2011-08-05
reporter metasploit
source https://www.exploit-db.com/download/17615/
title Sun/Oracle GlassFish Server Authenticated Code Execution
metasploit via4
  • description This module logs in to a GlassFish Server (Open Source or Commercial) using various methods (such as authentication bypass, default credentials, or user-supplied login), and deploys a malicious war file in order to get remote code execution. It has been tested on Glassfish 2.x, 3.0, 4.0 and Sun Java System Application Server 9.x. Newer GlassFish versions do not allow remote access (Secure Admin) by default, but is required for exploitation.
    id MSF:EXPLOIT/MULTI/HTTP/GLASSFISH_DEPLOYER
    last seen 2019-02-20
    modified 2018-08-07
    published 2013-10-15
    reliability Excellent
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/glassfish_deployer.rb
    title Sun/Oracle GlassFish Server Authenticated Code Execution
  • description This module attempts to login to GlassFish instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also try to do an authentication bypass against older versions of GlassFish. Note: by default, GlassFish 4.0 requires HTTPS, which means you must set the SSL option to true, and SSLVersion to TLS1. It also needs Secure Admin to access the DAS remotely.
    id MSF:AUXILIARY/SCANNER/HTTP/GLASSFISH_LOGIN
    last seen 2019-03-26
    modified 2017-07-24
    published 2013-01-31
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/glassfish_login.rb
    title GlassFish Brute Force Utility
nessus via4
NASL family CGI abuses
NASL id GLASSFISH_GET_AUTH_BYPASS.NASL
description The version of GlassFish Server running on the remote host has an authentication bypass vulnerability. The server fails to enforce authentication on HTTP requests that contain lower case method names (e.g. 'get'). A remote, unauthenticated attacker could exploit this to upload and execute arbitrary code.
last seen 2019-02-21
modified 2018-11-15
plugin id 55931
published 2011-08-17
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=55931
title Oracle GlassFish Server Administration Console GET Request Authentication Bypass
packetstorm via4
data source https://packetstormsecurity.com/files/download/103714/glassfish_deployer.rb.txt
id PACKETSTORM:103714
last seen 2016-12-05
published 2011-08-04
reporter Joshua D. Abraham
source https://packetstormsecurity.com/files/103714/Sun-Oracle-GlassFish-Server-Authenticated-Code-Execution.html
title Sun/Oracle GlassFish Server Authenticated Code Execution
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
sreason 8327
Last major update 21-09-2011 - 23:28
Published 19-04-2011 - 23:14
Back to Top