Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our speciality !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Tomcat

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
thedark
Second Lieutenant


Joined: 30 Jul 2005
Posts: 1074

PostPosted: Thu Aug 04, 2005 12:23 am    Post subject: Tomcat Reply with quote
A security vulnerability has been confirmed to exist in Apache Tomcat4.0.x releases (including Tomcat 4.0.5), which allows to use a speciallycrafted URL to return the unprocessed source of a JSP page, or, underspecial circumstances, a static resource which would otherwise have beenprotected by security constraint, without the need for being properlyauthenticated. This is based on a variant of the exploit that wasdisclosed on 09/24/2002.Read the full disclosure athttp://marc.theaimsgroup.com/?l=tomcat-dev...17249325526&w=2
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group