about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability




2006-07-23 Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability 
Rated as : High Risk

ScanAlert Security Advisory - http://www.scanalert.com

Directory Listing in Apache Tomcat 5.x.x

Date: 07/21/2006
Vendor: Apache
Package: Tomcat
Versions: 5.x.x (5.0.28, 5.5.12, 5.5.9, and 5.5.7 . Confirmed)
Credit: ScanAlert.s Enterprise Services Team.

Overview:
Apache Tomcat is the servlet container that is used in the official
Reference Implementation 
for the Java Servlet and JavaServer Pages technologies.

Vulnerabilities:
Apache Tomcat can be forced to reveal a complete directory listing for any
directory by requesting 
a mapped file extension prepended with a semicolon, a reserved character.
The file does not need to exist.

Examples:
http://www.sitexyz.com/;index.jsp
http://www.sitexyz.com/help/;help.do


securitydot.net - 2006-07-23

Advertising

Copyright 2007, SecurityDot
Mon, 08 Sep 2008 08:27:38 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.xpass. com_joomla PureFTPd e mambo Remo BD96C556-6 Searching Wapstrik Linux RPC- Deborah se Www sexyla ssxygirls WWW.WOLD.S Searching Imege sex 200 /compo CMS is Fre torrie wil search/exp pinaysex Youngporn c99.php\0 Sexyseens php-nuke 2 www.sexy+p Vidio hot Show the p mambo Remo Searching apache 1.3 200 /compo www.saxe.c guest book fire fox Www pooja Www pooja Indian ace sslopen exploit de port 38 php-nuke+2 koollywood mambo Remo linux loca securilive SESSID dr raj all cartoo IceWarp We Www.videos free sex v