PT-2002-2730 · Apache · Apache Tomcat
Published
2002-12-31
·
Updated
2022-04-30
·
CVE-2002-2009
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Apache Tomcat version 4.0.1
Description
The issue allows remote attackers to obtain the web root path via specific HTTP requests for JSP files. This can be achieved by preceding the JSP file name with certain characters, such as
+/, >/, </, or %20/, which results in an error message that leaks the pathname. Additionally, requests for JSP files with long file names can also lead to the disclosure of the full file system path to the JSP file.Recommendations
For Apache Tomcat version 4.0.1, consider restricting access to JSP files to minimize the risk of path disclosure until a patch is available. As a temporary workaround, avoid using JSP file names that are preceded by vulnerable characters or are excessively long.
Exploit
Fix
Generation of Error Message Containing Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Tomcat