|Title:||Tomcat's snoop servlet gives too much information|
|Summary:||Checks for the presence of /examples/jsp/snp/anything.snp|
The 'snoop' tomcat's servlet is installed.
This servlet gives too much information about
the remote host, such as the PATHs in use,
the host kernel version and so on...
This allows an attacker to gain more knowledge
about this host, and make more precise attacks
thanks to this.
Solution : delete this servlet
Risk factor : Low
BugTraq ID: 1532|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0760
Bugtraq: 20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0) (Google Search)
XForce ISS Database: tomcat-snoop-info
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.