Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10478
Category:CGI abuses
Title:Tomcat's snoop servlet gives too much information
Summary:NOSUMMARY
Description:Description:

The 'snoop' tomcat's servlet is installed.
(/examples/jsp/snp/anything.snp)

This servlet gives too much information about
the remote host, such as the PATHs in use,
the host kernel version and so on...

This allows an attacker to gain more knowledge
about this host, and make more precise attacks
thanks to this.

Solution : delete this servlet

Risk factor : Low

Cross-Ref: BugTraq ID: 1532
Common Vulnerability Exposure (CVE) ID: CVE-2000-0760
http://www.securityfocus.com/bid/1532
Bugtraq: 20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0) (Google Search)
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org
XForce ISS Database: tomcat-snoop-info
CopyrightThis script is Copyright (C) 2000 Renaud Deraison

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.