Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2061 |
| Message | WEB-MISC Tomcat null byte directory listing attempt |
| Summary | Jakarta Tomcat webserver. |
| Impact | Information disclosure |
| Detailed Information | A vulnerability exists in Jakarta Tomcat webservers prior to version 3.3.1a such that a request containing a null byte will result in a directory listing or present the opportunity to view the source of a java servlet on the server. This occurs wether or not an index file is present in the directory. |
| Affected Systems | Jakarta Tomcat web application server prior to version 3.3.1a |
| Attack Scenarios | The attacker needs to supply a null byte in a URI request to the server. |
| Ease of Attack | Simple |
| Corrective Action | Upgrade the server to the latest non-affected version. |
| Additional References | CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0042 Apache Jakarta Tomcat: http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ |
| Rule References | bugtraq: 2518 bugtraq: 6721 cve: 2003-0042 nessus: 11438 |
--
DID:604940
--
http://www.aanval.com/