|
|
CVE Reference: CVE-2003-0042 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2003-0042 |
|
|
Description: Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/11194 VULNWATCH SAID Secunia Advisory: SA7972 Secunia Advisory: SA7977 HP http://www.securityfocus.com/advisories/5111 DEBIAN http://www.debian.org/security/2003/dsa-246 CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ CIAC http://www.ciac.org/ciac/bulletins/n-060.shtml BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=104394568616290&w=2 BID 6721 |
|
| Return to the previous page. |
