ID CVE-2000-0760
Summary The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
References
Vulnerable Configurations
  • Apache Software Foundation Tomcat 3.0
    cpe:2.3:a:apache:tomcat:3.0
  • Apache Software Foundation Tomcat 3.1
    cpe:2.3:a:apache:tomcat:3.1
CVSS
Base: 6.4 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
exploit-db via4
description Tomcat 3.0/3.1 Snoop Servlet Information Disclosure Vulnerability. CVE-2000-0760. Remote exploits for multiple platform
id EDB-ID:20132
last seen 2016-02-02
modified 2000-07-20
published 2000-07-20
reporter ET LoWNOISE
source https://www.exploit-db.com/download/20132/
title Tomcat 3.0/3.1 Snoop Servlet Information Disclosure Vulnerability
nessus via4
NASL family CGI abuses
NASL id TOMCAT_SNOOP.NASL
description The 'snoop' Tomcat servlet is installed. This servlet gives too much information about the remote host, such as the PATHs in use, the host kernel version, etc. A remote attacker can exploit this to gain more knowledge about the host, allowing an attacker to conduct further attacks.
last seen 2018-01-26
modified 2018-01-24
plugin id 10478
published 2000-07-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10478
title Apache Tomcat Snoop Servlet Remote Information Disclosure
refmap via4
bid 1532
bugtraq 20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)
xf tomcat-snoop-info
Last major update 05-09-2008 - 16:21
Published 20-10-2000 - 00:00
Back to Top