| VID |
22234 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Servlet |
| Detailed Description |
Resin /caucho-status page is accessible. Resin, developed by Caucho Technology, is a servlet and Java Server Pages (JSP) engine that supports Java and JavaScript. Requesting the URI /caucho-status shows a simple status page that contains information about the currently running Resin java servlet container.
* Platforms Affected:
Resin Any version
Unix Any version
Windows Any version |
| Recommendation |
If it is not required, disable this feature. To disable this feature, set the content of the '<caucho-status>' element to 'false' in the resin.conf file like the followings:
<!-- To disable /caucho-status, set this to false -->
<caucho-status>false</caucho-status> |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
