| VID |
22160 |
| Severity |
30 |
| Port |
8080 |
| Protocol |
TCP |
| Class |
Servlet |
| Detailed Description |
The Apache Tomcat server has a JSP source revealing vulnerability via a default servlet.
Apache Tomcat is a Java application server used with Apache HTTP Server to support JavaServer Pages (JSP) and Java servlets. Tomcat 4.0.4 and 4.1.10 and earlier are vulnerable to source code exposure by using the default servlet org.apache.catalina.servlets.DefaultServlet. A remote attacker can send a specially-crafted URL request for a known JavaServer Pages (JSP) to bypass protection and obtain the source code of the requested JSP page, and possibly obtain database passwords and file names.
For example to see the JSP source of Tomcat 4.1.10 admin application:
http://localhost:8080/admin/index.jsp
Execute
http://localhost:8080/admin/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
* Platforms Affected:
Tomcat version 4.0.4 and earlier
Tomcat version 4.1.10 and earlier
UNIX/Linux Any version
Windows Any version
* References:
http://online.securityfocus.com/bid/5786
http://www.iss.net/security_center/static/10175.php |
| Recommendation |
For Apache Tomcat 4.0.x:
Apply the patch for this vulnerability, available from the Jakarta Web site, http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/
For Apache Tomcat 4.1.x:
Upgrade to the latest releases (4.1.12 or later), available from the Jakarta Web site, http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/ |
| Related URL |
CVE-2002-1148 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
