Topic:
Tomcat 3.2.1 for win2000 Directory traversal
Vulnerability
vulnerable:
Tomcat 3.2.1 for win2000
maybe for other operating system also.
discussion:
A security vulnerability has been found in Windows
NT/2000 systems that have Tomcat 3.2.1
installed.The
vulnerability allows remote attackers to access files
outside the document root directory scope.
exploits:
http://target:8080/%2e%2e/%2e%2e/%00.jsp
It is possible to cause the Tomcat server to Listing
outside the document root directory scope.
solution:
None
Copyright 2000-2001 CHINANSL. All Rights
Reserved. Terms of use.
CHINANSL Security Team
<[EMAIL PROTECTED]>
CHINANSL INFORMATION TECHNOLOGY CO.,LTD
(http://www.chinansl.com)
