[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Informations about old Sun-java-System-Web-Server/7.0
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Informations about old Sun-java-System-Web-Server/7.0
- From: Cédric Jeanneret <disclosure@xxxxxxxx>
- Date: Thu, 15 Mar 2012 10:13:08 +0200
Hello list!
I recently discovered that a sensible state service is running the
mentioned java web server (Sun-java-System-Web-Server/7.0).
After some quick wikipedia researches, I found out that it's quiet old
(2009: opensourced by Sun; 2010: renamed by Oracle)..
Does any of you know about security holes, or, better, known bugs of
this app ?
My aim is to point them, so that the state may consider to change it
(for something up-to-date, or, better, real opensource)
I know that our dear Oracle loves to keep security holes/bugs secret,
but hey, we're on Internet. Anything can be known ;). I just don't know
where to search - google (and others) return the default webpage served
by a LOT of servers (yeah, the "it works" thing)...
Thanks in advance!
C.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/