CVE

Id
6389  
CVE No.
CVE-2002-2007  
Status
Candidate  
Description
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.  
Phase
Assigned (20050714)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
36259 6389 CVE-2002-2007 BUGTRAQ:20020529 Vulnerability in Apache Tomcat v3.23 & v3.24  View
36260 6389 CVE-2002-2007 URL:http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00272.html  View
36261 6389 CVE-2002-2007 BUGTRAQ:20020529 Vulnerability in Apache Tomcat v3.23 & v3.24 (part 2)  View
36262 6389 CVE-2002-2007 URL:http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00275.html  View
36263 6389 CVE-2002-2007 MISC:http://www.procheckup.com/security_info/vuln_pr0205.html  View
36264 6389 CVE-2002-2007 MISC:http://www.procheckup.com/security_info/vuln_pr0206.html  View
36265 6389 CVE-2002-2007 MISC:http://www.procheckup.com/security_info/vuln_pr0207.html  View
36266 6389 CVE-2002-2007 CERT-VN:VU#116963  View
36267 6389 CVE-2002-2007 URL:http://www.kb.cert.org/vuls/id/116963  View
36268 6389 CVE-2002-2007 BID:4876  View
36269 6389 CVE-2002-2007 URL:http://www.securityfocus.com/bid/4876  View
36270 6389 CVE-2002-2007 BID:4877  View
36271 6389 CVE-2002-2007 URL:http://www.securityfocus.com/bid/4877  View
36272 6389 CVE-2002-2007 BID:4878  View
36273 6389 CVE-2002-2007 URL:http://www.securityfocus.com/bid/4878  View
36274 6389 CVE-2002-2007 XF:tomcat-sample-reveal-path(9208)  View

Related JVN