[Full-disclosure] Informations about old Sun-java-System-Web-Server/7.0
- From: Cédric Jeanneret <disclosure@xxxxxxxx>
- Date: Thu, 15 Mar 2012 10:13:08 +0200
I recently discovered that a sensible state service is running the
mentioned java web server (Sun-java-System-Web-Server/7.0).
After some quick wikipedia researches, I found out that it's quiet old
(2009: opensourced by Sun; 2010: renamed by Oracle)..
Does any of you know about security holes, or, better, known bugs of
this app ?
My aim is to point them, so that the state may consider to change it
(for something up-to-date, or, better, real opensource)
I know that our dear Oracle loves to keep security holes/bugs secret,
but hey, we're on Internet. Anything can be known ;). I just don't know
where to search - google (and others) return the default webpage served
by a LOT of servers (yeah, the "it works" thing)...
Thanks in advance!
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] Oracle Exadata Infiniband Switch default logins and world readable shadow file
- Next by Date: Re: [Full-disclosure] [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution
- Previous by thread: [Full-disclosure] Oracle Exadata Infiniband Switch default logins and world readable shadow file
- Next by thread: [Full-disclosure] Earth to Facebook