---------- From: lovehacker <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Mon, 2 Apr 2001 03:49:00 -0000 To: [EMAIL PROTECTED] Subject: CHINANSL Security Advisory(CSA-200110) Topic:Tomcat 4.0-b2 for winnt/2000 show ".jsp" source Vulnerability. vulnerable: winnt/2000(maybe for other operating system also) + Tomcat 4.0-b2 discussion: A security vulnerability has been found in Windows NT/2000 systems that have Tomcat 4.0-b2 installed. The vulnerability allows remote attackers to get ".jsp" source. exploits: http://target:8080/examples/snp/snoop%252ejsp solution: None Copyright 2000-2001 CHINANSL. All Rights Reserved. Terms of use. CHINANSL Security Team <[EMAIL PROTECTED]> CHINANSL INFORMATION TECHNOLOGY CO.,LTD (http://www.chinansl.com)