ID CVE-2001-0590
Summary Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
References
Vulnerable Configurations
  • Apache Software Foundation Tomcat 3.2.2
    cpe:2.3:a:apache:tomcat:3.2.2
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description Apache Tomcat 3.0 Directory Traversal Vulnerability. CVE-2001-0590. Remote exploit for windows platform
id EDB-ID:20716
last seen 2016-02-02
modified 2001-03-28
published 2001-03-28
reporter lovehacker
source https://www.exploit-db.com/download/20716/
title apache tomcat 3.0 - Directory Traversal Vulnerability
nessus via4
NASL family Web Servers
NASL id TOMCAT_NUMGUESS_JSP_SOURCE_DISCLOSURE.NASL
description The remote Apache Tomcat server is affected by an information disclosure vulnerability which allows JSP source code to be sent as a response to an HTTP request that does not end with an HTTP protocol specification. This install is also likely to be affected by a cross-site scripting vulnerability and an additional information disclosure vulnerability, although Nessus did not test explicitly for either of those issues.
last seen 2018-08-02
modified 2018-08-01
plugin id 50347
published 2010-10-26
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=50347
title Apache Tomcat 3.x < 3.2.2 Malformed URL JSP Source Disclosure
refmap via4
bugtraq 20010403 Re: Tomcat may reveal script source code by URL trickery
hp HPSBTL0112-004
osvdb 5580
xf jakarta-tomcat-jsp-source(6971)
Last major update 05-09-2008 - 16:24
Published 02-08-2001 - 00:00
Last modified 09-10-2017 - 21:29
Back to Top