Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

CHINANSL Security Advisory(CSA-200107)

From: lovehacker <lovehacker () 263 NET>
Date: Wed, 28 Mar 2001 06:55:46 -0000
Topic:
IBM WCS 4.0.1 + Application Server 3.0.2 for Solaris 
2.7 show ".jsp" source Vulnerability.

vulnerable:
Solaris 2.7
    + IBM WCS4.0,Application Server 3.0.2

discussion:
follow URL insert "/" will be downloading ".jsp" source.

exploits:
http://target/index.jsp/

solution:
to 
http://www.ibm.com/software/webservers/appserv/efi
x.html download new fix .

Copyright 2000-2001 CHINANSL. All Rights 
Reserved. Terms of use. 

CHINANSL Security Team 
<lovehacker () chinansl com> 
CHINANSL INFORMATION TECHNOLOGY CO.,LTD 
(http://www.chinansl.com)
Previous By Date Next
Previous By Thread Next

Current thread: