Exploit Apache Tomcat 5 - Information Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
28254
Проверка EDB
  1. Пройдено
Автор
SCANALERT SECURITY
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
cve-2006-3835
Дата публикации
2006-07-21
Код:
source: https://www.securityfocus.com/bid/19106/info

Apache Tomcat is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. 

An attacker can exploit this issue to reveal a complete directory listing from any directory. Information obtained may aid in further attacks. Reports indicate that this issue may also allow attackers to obtain the source code of script files.

Apache Tomcat 5.028, 5.5.23, 5.5.9, and 5.5.7 are vulnerable to this issue; other versions may also be affected.

Novell GroupWise Mobile Server 1.0 or other versions bundled with Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2 ship with an affected version of Tomcat and are vulnerable as well.

http://www.example.com/;index.jsp
 
Источник
www.exploit-db.com

Похожие темы