CHINANSL Security Advisory(CSA-200105)

Topic: Tomcat 3.0 for win2000 Directory traversal Vulnerability vulnerable: Tomcat 3.0 for win2000 maybe for other operating system also. discussion: A security vulnerability has been found in Windows NT/2000 systems that have Tomcat 3.0 installed.The vulnerability allows remote attacker

CHINANSL Security Advisory(CSA-200106)

Topic: JavaServer Web Dev Kit(JSWDK)1.0.1 for win2000 Directory traversal Vulnerability vulnerable: Microsoft Win2000 +JSWDK1.0.1 maybe for other operating system also. discussion: A security vulnerability has been found in Windows NT/2000 systems that have JSWDK 1.0.1 installed.The vulne

CHINANSL Security Advisory(CSA-200107)

Topic: IBM WCS 4.0.1 + Application Server 3.0.2 for Solaris 2.7 show ".jsp" source Vulnerability. vulnerable: Solaris 2.7 + IBM WCS4.0,Application Server 3.0.2 discussion: follow URL insert "/" will be downloading ".jsp" source. exploits: http://target/index.jsp/ solution: to http://www.

CHINANSL Security Advisory(CSA-200109)

Topic:Tomcat 4.0-b1 for winnt/2000 show ".jsp" source Vulnerability. vulnerable: winnt/2000 + Tomcat 4.0-b1 discussion: A security vulnerability has been found in Windows NT/2000 systems that have Tomcat 4.0-b1 installed. The vulnerability allows remote attackers to get ".jsp" source.

Re: CHINANSL Security Advisory(CSA-200105)

Hi "Jon S. Stevens", Thanks your reply Today,I download "jakarta-tomcat-4.0-b1.zip" from http://jakarta.apache.org/.but I can build a special URL get "jsp" source of Tomcat4.0-b1. for example: http://localhost:8080/examples/jsp/snp/snoop%2ejsp Thanks again. l

CHINANSL Security Advisory(CSA-200108)

Topic: Tomcat 3.2.1 for win2000 Directory traversal Vulnerability vulnerable: Tomcat 3.2.1 for win2000 maybe for other operating system also. discussion: A security vulnerability has been found in Windows NT/2000 systems that have Tomcat 3.2.1 installed.The vulnerability allows remote a

Re: CHINANSL Security Advisory(CSA-200109)

HI Sverre: Thanks your reply. your website is very nice. Today,I download Tomcat 4.0-b2 but it still can reveal script source code by special URL. please see CHINANSL Security Advisory (CSA- 200110). thanks again. lovehacker All Rights Reserved. http://www.chinansl.com [EMAIL PROTECTED

CHINANSL Security Advisory(CSA-200110)

Topic:Tomcat 4.0-b2 for winnt/2000 show ".jsp" source Vulnerability. vulnerable: winnt/2000(maybe for other operating system also) + Tomcat 4.0-b2 discussion: A security vulnerability has been found in Windows NT/2000 systems that have Tomcat 4.0-b2 installed. The vulnerability allows remote

CHINANSL Security Advisory(CSA-200111)

Topic: Resin 1.2.* & 1.3b1 Javabean file disclosure vulnerability vulnerable: = winnt/2000(maybe other operating system also) +Resin 1.2.* +Resin 1.3b1 discussion: === A security vulnerability has been found in Windows NT/2000 systems that have Resin 1.2.* or Res