10 lines
No EOL
644 B
Text
10 lines
No EOL
644 B
Text
source: http://www.securityfocus.com/bid/4575/info
|
|
|
|
Apache Tomcat is a servlet container for use with the Java Servlet and JavaServer Pages technologies. Tomcat may be run on most UNIX and Linux variants as well as Microsoft Windows.
|
|
|
|
Apache Tomcat ships with a number of example classes (SnoopServlet and TroubleShooter) that may reveal the absolute path of the Tomcat installation when requested.
|
|
|
|
Disclosure of this type of sensitive information may aid in further attacks against the host running the vulnerable software.
|
|
|
|
http://localhost:8080/examples/servlet/SnoopServlet
|
|
http://localhost:8080/examples/servlet/TroubleShooter |