Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: JSP source code exposure in Tomcat 4.x
From: DominusQ <dominusq () unixpimp dk>
Date: Tue, 24 Sep 2002 18:19:09 +0200
On Tue, 24 Sep 2002 10:12:44 -0400
Rossen Raykov <Rossen.Raykov () CognicaseUSA com> wrote:

      Tomcat 4.x JSP source exposure security advisory

1. Summary
Tomcat 4.0.4 and 4.1.10 (probably all other earlier versions also) are
vulnerable to source code exposure by using the default servlet
org.apache.catalina.servlets.DefaultServlet.


3.2.x versions doesn't seem to be vulnerable to this, but indeed the
4.1.x versions are.


-- 
Information is bliss! give it a try!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]