CVE-2009-4609

Name of the Vulnerable Software and Affected Versions Mort Bay Jetty versions 6.x through 7.0.0

Description The issue allows remote attackers to obtain sensitive information about internal variables and other data. This is achieved by sending a request to a URI ending in /dump/, which can reveal the value of variables such as getPathTranslated.

Recommendations For Mort Bay Jetty versions 6.x through 7.0.0, consider restricting access to the Dump Servlet to minimize the risk of exploitation. As a temporary workaround, disabling the Dump Servlet functionality until a patch is available can help mitigate the issue.