ID CVE-2000-0759
Summary Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
References
Vulnerable Configurations
  • Apache Software Foundation Tomcat 3.1
    cpe:2.3:a:apache:tomcat:3.1
CVSS
Base: 6.4 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
exploit-db via4
description Apache Tomcat 3.1 Path Revealing Vulnerability. CVE-2000-0759. Remote exploits for multiple platform
id EDB-ID:20131
last seen 2016-02-02
modified 2000-07-20
published 2000-07-20
reporter ET LoWNOISE
source https://www.exploit-db.com/download/20131/
title Apache Tomcat 3.1 - Path Revealing Vulnerability
nessus via4
NASL family CGI abuses
NASL id TOMCAT_PATH_DISCLOSURE.NASL
description Tomcat will reveal the physical path of the webroot when asked for a nonexistent .jsp file. An unauthenticated, remote attacker can exploit this via a specially crafted request. An attacker can use this flaw to gain further knowledge about the remote filesystem layout.
last seen 2019-02-21
modified 2018-08-01
plugin id 10807
published 2001-11-25
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10807
title Apache Tomcat Nonexistent File Error Message Path Disclosure
refmap via4
bid 1531
bugtraq 20000719 [LoWNOISE] Tomcat 3.1 Path Revealing Problem.
xf tomcat-error-path-reveal(4967)
Last major update 05-09-2008 - 16:21
Published 20-10-2000 - 00:00
Back to Top