Vulnonym.org

CVE-2008-2406 - Mycelial Breeze

Description

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=710 http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1 http://www.securitytracker.com/id?1020191 http://secunia.com/advisories/30523 http://www.securityfocus.com/bid/29539 http://www.vupen.com/english/advisories/2008/1742/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42833