[27895] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

JSP processor 1.1 information disclosure

daemon@ATHENA.MIT.EDU (Andy)
Sat Nov 16 09:33:32 2002

Date: 13 Nov 2002 14:38:54 -0000
Message-ID: <20021113143854.21902.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Andy <andrewpremote@yahoo.co.uk>
To: bugtraq@securityfocus.com

I've been working with IBM http server 1.0 on AS/400 and when requesting a 
JSP page that doesn't exist the JSP processor returns recursive error with 
a listing of information including the root paths and versions of servlets 
that run on the server.

Is this a known vulnerability/misconfiguration?


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[27895] in bugtraq

JSP processor 1.1 information disclosure

daemon@ATHENA.MIT.EDU (Andy)Sat Nov 16 09:33:32 2002

daemon@ATHENA.MIT.EDU (Andy)
Sat Nov 16 09:33:32 2002