tomcat-dev mailing list archives

From Remy Maucherat <r...@apache.org>
Subject Re: Fwd: XSS in Jakarta Tomcat 5.5.6
Date Mon, 03 Jan 2005 15:55:37 GMT
Erik Abele wrote:
> not acked, just fwd'ing...

The issues mentioned in this email are very minor so -> tomcat-dev.

> Begin forwarded message:
> 
>> From: "Oliver Karow" <Oliver.Karow@gmx.de>
>> Date: 3 January 2005 12:29:12 CET
>> To: security@apache.org
>> Subject: XSS in Jakarta Tomcat 5.5.6
>>
>> Hello and a happy new year,
>>
>> While coding a little webapp security scanner, I found cross-site scripting
>> vulnerabilities in Apache Tomcat/5.5.6 (JVM Version: 1.5.0_01-b08 (Sun
>> Microsystems), running on Windows 2000).
>>
>> The first one needs authentication:
>>
>> http://192.168.0.23:8080/manager/html/<script>alert("Hallo")</script>
>> http://192.168.0.23:8080/manager/html/stop?path=<script>alert("Hallo")</script>
>> http://192.168.0.23:8080/manager/html/start?path=<script>alert("Hallo")</script>

This is a non issue, so I'd say we won't fix that. It's always possible 
that someone would fix it though, if they care ;)

>> The second one works without authentication, but should not be that easy to
>> exploit:
>>
>> Telnet to port 8080 and paste the following:
>>
>> <script>alert("Hallo")</script> /jsp-examples/snp/snoop.jsp HTTP/1.0

We have decided to fix XSS in the examples web applications (which 
should obviously be removed from production servers), so I assume we 
will fix this.

>> Because I'm not very familiar with Tomcat, I want to ask you to verify the
>> existence of this bug. I looked at securityfocus.com to verify the existence
>> of this bug, but could not find anything regarding this version of Tomcat.
>>
>> If you have any questions, feel free to contact me!
>>
>> Best regards,

Rémy

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
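The two reports above are the same bug class: request data (the `path` parameter and the URI path in the manager, and, for the raw request line sent over telnet, whatever the payload lands in, most likely the HTTP method as read back by `request.getMethod()`) is written into HTML without escaping. The servlet below is an added illustration written for this page, not Tomcat's snoop.jsp or manager code and not the fix Tomcat shipped. It renders a snoop-style table first the vulnerable way and then with HTML escaping, and its `main` replays the reported payload offline. It assumes a Servlet 2.4 `servlet-api.jar` on the classpath for the `javax.servlet` imports; the `escapeHtml`, `renderUnsafe` and `renderSafe` names are mine.

```java
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Illustrative servlet (assumed names; not Tomcat's own snoop.jsp or manager
 * code). Echoes request data the way a "snoop" page does, once unescaped,
 * which is the reported reflected XSS, and once with HTML escaping applied.
 */
public class SnoopEchoServlet extends HttpServlet {

    /** Escape a string for an HTML text or quoted-attribute context. */
    static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Vulnerable rendering: request-derived values go straight into the markup. */
    static String renderUnsafe(String method, String uri, String path) {
        return "<html><body><table>"
            + "<tr><td>Request method:</td><td>" + method + "</td></tr>"
            + "<tr><td>Request URI:</td><td>" + uri + "</td></tr>"
            + "<tr><td>path parameter:</td><td>" + path + "</td></tr>"
            + "</table></body></html>";
    }

    /** Hardened rendering: every request-derived value is escaped before output. */
    static String renderSafe(String method, String uri, String path) {
        return "<html><body><table>"
            + "<tr><td>Request method:</td><td>" + escapeHtml(method) + "</td></tr>"
            + "<tr><td>Request URI:</td><td>" + escapeHtml(uri) + "</td></tr>"
            + "<tr><td>path parameter:</td><td>" + escapeHtml(path) + "</td></tr>"
            + "</table></body></html>";
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        resp.setContentType("text/html; charset=UTF-8");
        PrintWriter out = resp.getWriter();
        out.print(renderSafe(req.getMethod(), req.getRequestURI(), req.getParameter("path")));
    }

    /** Offline replay of the reported payload; no servlet container needed. */
    public static void main(String[] args) {
        // Constructed input: the payload from the report, placed where the
        // telnet request line and the manager URLs put it.
        String payload = "<script>alert(\"Hallo\")</script>";
        String uri = "/jsp-examples/snp/snoop.jsp";
        String unsafe = renderUnsafe(payload, uri, payload);
        String safe = renderSafe(payload, uri, payload);
        System.out.println("unsafe page contains a live <script> tag: " + unsafe.contains("<script>"));
        System.out.println("safe page contains a live <script> tag:   " + safe.contains("<script>"));
        System.out.println("safe page shows the payload as text:      " + escapeHtml(payload));
    }
}
```

Compile with `javac -cp servlet-api.jar SnoopEchoServlet.java` and run `java SnoopEchoServlet` to see the unescaped page carry the tag verbatim while the escaped page renders it as inert text. The escaper covers only HTML text and quoted-attribute contexts; a value placed inside a `<script>` block, a URL or an unquoted attribute needs the escaping rules for that context instead.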