Secunia
Login
|
|
CVE Reference: CVE-2005-2006 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2006 |
|
|
Description: JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of the file. |
|
|
CVE Status: Candidate |
|
|
References: SUSE ST 1015605 SREASON http://securityreason.com/securityalert/439 SAID Secunia Advisory: SA15746 Secunia Advisory: SA17559 Secunia Advisory: SA18789 HP http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00597967 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0424.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/440641/100/100/threaded http://marc.theaimsgroup.com/?l=bugtraq&m=111911095424496&w=2 BID 13985 |
|
| Return to the previous page. |
