Flaw: Sun One Application Server

Security specialist @Stake says a module that ships with Sun's Sun One Application Server has a flaw that could be exploited by outside attackers to give them control of the running Web server.

The flaw is in the Connector Module, a Netscape Server Application Programming Interface (NSAPI) plug-in that integrates the Sun One Web Server with the Application Server.

@Stake advisory: http://www.atstake.com/research/advisories/2003/index.html#031303-1

Sun advisory and patch: http://wwws.sun.com/software/download/products/3e3afb89.html

Join the newsletter!

Error: Please check your email address.

More about AtStake

Show Comments