Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Macromedia JRun Admin Server Authentication Bypass

Macromedia JRun Admin Server Authentication Bypass

by Nikola Strahija on June 28th, 2002 JRun is Macromedia's servlet / jsp engine. It installs an web based administration console on TCP port 8000. Before using the console users are required to login via an HTML form. This form can be bypassed, and administrative functions accessed without authentication.


Details:
========
The login form is the default page served up by the server on port 8000.
By inserting an extra '/' in the URL we bypass the login form and gain
access to the web based admin console, e.g.


http://JRun-Server//


We do not have unrestricted access to the admin console - clicking on further links
returns you to the login page. However, by requesting the desired admin function
in the initial URL we bypass this restriction also, e.g:


JRun-Server:8000//welcome.jsp?&action=stop&server=default


will shutdown the 'default' JRun server instance on port 8100. Other administrative
functions can also be accessed.


Patch Information:
==================


Macromedia have produced a cumulative patch for JRun 3.0/3.1/4.0,
availability of which is described in the bulletin at:


http://www.macromedia.com/v1/handlers/index.cfm?ID=23164


This advisory is available online at:


http://www.westpoint.ltd.uk/advisories/wp-02-0009.txt






Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »