PT-2000-1563 · Sun · Sun Java Web Server

Published: 2000-07-12 · Updated: 2008-09-10 · CVE-2000-0629

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Sun Java web server versions 2.0 and earlier

Description

The default configuration of the Sun Java web server allows remote attackers to execute arbitrary commands. This is achieved by uploading Java code to the server via "board.html", then directly calling the JSP compiler servlet.

Recommendations

For Sun Java web server versions 2.0 and earlier, consider disabling the JSP compiler servlet as a temporary workaround until a patch is available. Restrict access to the "board.html" page to minimize the risk of exploitation.


Related Identifiers

CVE-2000-0629

Affected Products

Sun Java Web Server