[NEWS] Tomcat Real Path Disclosure Vulnerability

• Previous message: support@securiteam.com: "[NT] DoS in Multiple IE Versions (Self-Referenced Directives)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: support@securiteam.com
To: list@securiteam.com
Date: Sat, 20 Apr 2002 19:25:26 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Tomcat Real Path Disclosure Vulnerability
------------------------------------------------------------------------

SUMMARY

A security vulnerability in Tomcat allows remote attackers to determine
the true path used by the remote web server. This would assist an attacker
in better constructing more harmful attacks.

DETAILS

Vulnerable systems:
Tomcat version 4.0.1

Immune systems:
Tomcat version 3.2.3

Example:
Accessing any of the following URLs will reveal the true patch of where
the file is stored:
http://tomcat4.1/+/index.jsp
http://tomcat4.1/>/index.jsp
http://tomcat4.1/%20/index.jsp
http://tomcat4.1/

ADDITIONAL INFORMATION

The information has been provided by <mailto:lovehacker@chinansl.com>
Wang Yun, <mailto:jtesta@rapid7.com> Joe Testa, and
<mailto:ian@darwinsys.com> Ian Darwin.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: support@securiteam.com: "[NT] DoS in Multiple IE Versions (Self-Referenced Directives)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [UNIX] DCP-Portal Root Path Disclosure ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A security vulnerability in the product allows ... remote attackers to reveal the true path used by the product. ... (Securiteam) [NEWS] SpiDynamics WebInspect Keeps Track of Its Users (Trial License) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... WebInspect, S.P.I. Dynamic's premier product, is a network-based web ... We make no effort to hide that this remote authentication is done. ... (Securiteam) [NEWS] Hosting.com Cross-Site Scripting Vulnerability ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... attackers to cause the program to insert HTML and JavaScript into user ... Most variables passed to the webmail script used by hosting.com (formerly ... (Securiteam) [NT] DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... requests and to allow attackers to download files that reside the outside ... (Securiteam) [UNIX] Multiple Security Issues in Geeklog (XSS, SQL Inject) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... the vulnerabilities would allow a remote attacker to ... SQL Injection: ... (Securiteam)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint