Sun Java Web Server Remote Command Execution

HIGH (7.5) No Patch (9294 days)

Threat Intelligence

Low Risk
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found


What is it?

The Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. The vulnerability stems from a configuration flaw in the server's default setup.

Am I affected?

You are affected if you run Sun Java web server 2.0 or earlier (specifically versions 1.4 and below). Check with: find / -name "sun-web-server.jar" 2>/dev/null

Note: This is an older vulnerability, and it's recommended to upgrade to a newer version of the Sun Java web server or migrate to a different web server solution.

Affected Products

Sun Microsystems / Sun Java web server

How to fix

- Upgrade to Sun Java web server 7.0 or later: https://www.oracle.com/java/technologies/javase-downloads.html
- If immediate upgrade isn't possible, restrict network access to your Sun Java web server instance (firewall it from the public internet) and monitor for suspicious activity.
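
One way to do the monitoring step above, as an added example that is not part of the original advisory: it correlates a write to board.html with a later direct servlet request from the same client. The Common Log Format input, the POST method, the "/servlet/" prefix, the 10-minute window and the sample log lines are all assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import unquote

# Assumptions (not from the advisory): Common Log Format access logs, uploads
# arriving as POST, and a hypothetical "/servlet/" prefix for direct servlet calls.
SERVLET_PREFIX = "/servlet/"
UPLOAD_PAGE = "board.html"
WINDOW = timedelta(minutes=10)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

def parse(line):
    """Return (ip, timestamp, method, decoded lowercase path) or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    # Decode percent-escapes so an encoded path cannot dodge the match.
    return m["ip"], ts, m["method"], unquote(m["path"]).lower()

def find_suspicious(lines, window=WINDOW):
    """Flag clients that write to board.html, then request a servlet directly."""
    last_post = {}  # client ip -> time of its most recent write to board.html
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # skip lines that are not in the expected format
        ip, ts, method, path = rec
        if method == "POST" and UPLOAD_PAGE in path:
            last_post[ip] = ts
        elif path.startswith(SERVLET_PREFIX) and ip in last_post:
            if ts - last_post[ip] <= window:
                alerts.append((ip, ts.isoformat(), path))
    return alerts

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jun/2000:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    '198.51.100.7 - - [12/Jun/2000:10:01:00 +0000] "POST /examples/board.html HTTP/1.0" 200 230',
    '192.0.2.10 - - [12/Jun/2000:10:01:30 +0000] "GET /servlet/Counter HTTP/1.0" 200 90',
    '198.51.100.7 - - [12/Jun/2000:10:02:15 +0000] "GET /%73ervlet/ExampleCompiler HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print("ALERT", *alert)
```

Adjust the prefix and upload page to match the paths your server actually logs before relying on the output.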