Apache Tomcat Web Root Path Disclosure Vulnerability

A vulnerability has been reported for Apache Tomcat on Microsoft Windows platforms. Reportedly, a remote attacker can make requests that cause Apache Tomcat to return an error page containing information that includes the absolute path to the server's web root.

For example, submitting a request for LPT9 to Tomcat will result in the following error message:
"java.io.FileNotFoundException: C:\Program Files\Apache Tomcat 4.0\webapps\ROOT\lpt9 (The system cannot find the file specified)"
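To check whether a server has received such requests or is returning such pages, the following added example (not part of the original advisory) flags access-log requests that name a Windows reserved device and extracts absolute paths from `FileNotFoundException` text in a response body. It goes beyond the advisory's LPT9 case by also flagging the other reserved device names; the log lines, their status codes and the function names are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Windows reserved device names; the advisory's example uses LPT9 (assumption: flag them all).
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{p}{n}" for p in ("COM", "LPT") for n in range(1, 10)}

# Common Log Format: client ... "METHOD target PROTOCOL" status
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) [^"]*" (\d{3})')

# Absolute Windows path inside a Java FileNotFoundException message.
LEAK_RE = re.compile(r'java\.io\.FileNotFoundException:\s*([A-Za-z]:\\[^()\r\n"]+?)\s*\(')

# Error text quoted in the advisory.
PAGE_ERROR = (r"java.io.FileNotFoundException: C:\Program Files\Apache Tomcat 4.0"
              r"\webapps\ROOT\lpt9 (The system cannot find the file specified)")

# Constructed sample access-log lines (not taken from a real server).
SAMPLE_LOG = [
    '198.51.100.4 - - [12/Mar/2003:10:01:20 +0000] "GET /index.jsp HTTP/1.0" 200 2310',
    '203.0.113.7 - - [12/Mar/2003:10:01:22 +0000] "GET /lpt9 HTTP/1.0" 500 1187',
    '203.0.113.7 - - [12/Mar/2003:10:01:25 +0000] "GET /examples/LPT9.jsp HTTP/1.0" 500 1204',
    '198.51.100.4 - - [12/Mar/2003:10:01:31 +0000] "GET /docs/console.html HTTP/1.0" 200 5120',
]


def device_name_requests(log_lines):
    """Return (client, path, device, status) for requests naming a reserved device."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        path = unquote(urlsplit(target).path)  # normalise before matching
        for segment in re.split(r"[/\\]", path):
            # Windows resolves a reserved name even when an extension follows it.
            base = segment.split(".", 1)[0].rstrip(" ").upper()
            if base in RESERVED:
                hits.append((client, path, base, int(status)))
                break
    return hits


def leaked_paths(body):
    """Return absolute paths exposed by FileNotFoundException text in a response body."""
    return [p.strip() for p in LEAK_RE.findall(body)]


if __name__ == "__main__":
    print(device_name_requests(SAMPLE_LOG))
    print(leaked_paths(PAGE_ERROR))
```

A non-empty result from `leaked_paths` on a server's own error pages indicates that exception detail is reaching clients and that a custom error page should be configured.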


 

Copyright 2010, SecurityFocus