Topic:
IBM WCS 4.0.1 + Application Server 3.0.2 for Solaris
2.7 show ".jsp" source Vulnerability.
vulnerable:
Solaris 2.7
+ IBM WCS4.0,Application Server 3.0.2
discussion:
follow URL insert "/" will be downloading ".jsp" source.
exploits:
http://target/index.jsp/
solution:
to
http://www.ibm.com/software/webservers/appserv/efi
x.html download new fix .
Copyright 2000-2001 CHINANSL. All Rights
Reserved. Terms of use.
CHINANSL Security Team
<[EMAIL PROTECTED]>
CHINANSL INFORMATION TECHNOLOGY CO.,LTD
(http://www.chinansl.com)
