Oracle GlassFish Server Administration Console Authentication Bypass Remote Code Execution Exploit

The Administration Console of Oracle GlassFish Server is prone to an authentication bypass vulnerability, which can be achieved by performing HTTP TRACE requests. A remote unauthenticated attacker can exploit this in order to execute arbitrary code on the vulnerable server.
Vulnerabilty ID: 
CVE-2011-1511
Product Version: 
11.0
Released Date: 
Thursday, August 4, 2011 - 00:00