module
Sun Java System Web Server WebDAV OPTIONS Buffer Overflow
| Disclosed | Created |
|---|---|
| 2010-01-20 | 2018-05-30 |
Disclosed
2010-01-20
Created
2018-05-30
Description
This module exploits a buffer overflow in Sun Java Web Server prior to
version 7 Update 8. By sending an "OPTIONS" request with an overly long
path, attackers can execute arbitrary code. In order to reach the vulnerable
code, the attacker must also specify the path to a directory with WebDAV
enabled.
This exploit was tested and confirmed to work on Windows XP SP3 without DEP.
Versions for other platforms are vulnerable as well.
The vulnerability was originally discovered and disclosed by Evgeny Legerov of
Intevydis.
version 7 Update 8. By sending an "OPTIONS" request with an overly long
path, attackers can execute arbitrary code. In order to reach the vulnerable
code, the attacker must also specify the path to a directory with WebDAV
enabled.
This exploit was tested and confirmed to work on Windows XP SP3 without DEP.
Versions for other platforms are vulnerable as well.
The vulnerability was originally discovered and disclosed by Evgeny Legerov of
Intevydis.
Author
jduck jduck@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.