CVE-2002-0300

Name of the Vulnerable Software and Affected Versions gnujsp versions 1.0.0 through 1.0.1

Description The issue allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet. This is due to the gnujsp servlet not working around a limitation of JServ and not processing the requested file. Multiple vulnerabilities in the gnujsp package may lead to a breach of protected information, and exploitation can be done remotely.

Recommendations For versions 1.0.0 and 1.0.1, consider restricting access to the gnujsp servlet to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.