9 lines
No EOL
545 B
Text
9 lines
No EOL
545 B
Text
source: https://www.securityfocus.com/bid/7709/info
|
|
|
|
Sun ONE Application Server is prone to a source code disclosure vulnerability. This issue is due to handling of case in requests for resources. By changing the case of a file extension, the server may fail to interpret the script and instead serve it as a normal web resource.
|
|
|
|
This issue exists for Sun ONE Application Server 7.0 on Microsoft Windows platforms. Previous versions may also be affected.
|
|
|
|
GET /[script].JSP HTTP/1.0
|
|
|
|
where [script] is the name of a script hosted by the server. |