|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: lovehacker (lovehacker
263.NET)Date: Sun Apr 01 2001 - 22:56:51 CDT
HI Sverre:
Thanks your reply.
your website is very nice.
Today,I download Tomcat 4.0-b2 but it still can reveal
script source code by special URL.
please see CHINANSL Security Advisory (CSA-
200110).
thanks again.
lovehacker
All Rights Reserved.
http://www.chinansl.com
lovehackerchinansl.com
> [lovehacker]
>
> | Topic:Tomcat 4.0-b1 for winnt/2000 show ".jsp"
> | source Vulnerability. [...]
>
> | exploits:
> | http://target:8080/examples/snp/snoop%2ejsp
>
> This is the same problem I reported a few days
ago. It has already
> been fixed in Tomcat 4.0 beta 2.
>
>
> Sverre.
>
> --
> <URL:mailto:shhthathost.com>
> <URL:http://shh.thathost.com/>
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]