HomePentest-Tools.com Logo

Apache Tomcat source.jsp malformed request information disclosure CVE-2000-1210

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

The source.jsp file, distributed with Apache Tomcat server, will disclose information when passed a malformed request.

Risk description

As a result, information such as the web root path and directory listings could be obtained. Examples: http://example.com/examples/jsp/source.jsp?? - reveals the web root http://example.com/examples/jsp/source.jsp?/jsp/ - reveals the contents of the jsp directory

Recommendation

Remove default files from the web server.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 22, 2002
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available