tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 38828] New: - Security vulnerability
Date Thu, 02 Mar 2006 10:08:41 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38828>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=38828

           Summary: Security vulnerability
           Product: Tomcat 5
           Version: Unknown
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: major
          Priority: P1
         Component: Webapps:Examples
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: shantalabhat@hotmail.com


snoop.jsp under tomcat example has security vulnerability.A remote attacker 
could use this script to view internal IP addresses and other sensitive 
information. Shipping it by default raises security loop holes regarding the 
server.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message