Bugtraq mailing list archives

Full path disclosure vulnerability in Sun's Web site


From: J_Bourdeau () videotron ca
Date: Sat, 26 Jan 2002 21:02:31 GMT

Hi,

Three times I sent a message to Sun's web team about
a full path disclosure vulnerability they have in their
website, but without any acknowledgement or correction of
it.

Sun's website uses .jhtml files. The Java engine computing
these pages does not handle errors properly and returns the
full path of the web server when you request a non-existent
file.

-->
http://store.sun.com/demo.jhtm 
<--

will return this:

-->
Error getting compiled page

Can't read source file: /eSunfe1/util/sunstore/SSDynamo/html/demo.jhtm
<--

I first received this error message when I made a typo
in the URL I was looking for. Requesting a non-existent
file not managed by the Java engine, and therefore handled by the
HTTP daemon, will not disclose this information.

(http://store.sun.com/demo.jpg)

Hope Sun will correct this in both their web sites and
their Java engine (they surely use their own tools for
that!)

Jacques Bourdeau
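Added example (editor's code, not part of the original post or of Sun's software): a small Python audit that flags absolute filesystem paths in HTTP error bodies, the class of leak described above, and redacts them before a body reaches the client. The sample responses are constructed from the quoted output; the path patterns are heuristics and the `find_path_disclosures`, `redact_paths` and `audit_responses` names are assumptions.

```python
import re

# Constructed sample responses. The first mimics the error quoted in the post;
# the second is a plain 404 of the kind the HTTP daemon returns for /demo.jpg.
SAMPLE_RESPONSES = {
    "/demo.jhtm": (
        "Error getting compiled page\n\n"
        "Can't read source file: /eSunfe1/util/sunstore/SSDynamo/html/demo.jhtm"
    ),
    "/demo.jpg": (
        "<html><body><h1>Not Found</h1>"
        '<a href="/store/index.html">Back to the store</a></body></html>'
    ),
}

# Heuristic patterns for absolute filesystem paths in a response body.
# POSIX: two or more slash-separated components, not preceded by a word
# character, quote, '=', ':', '/' or '<', so URL paths inside href="..."
# or http://... links and closing HTML tags are skipped.
# Windows: a drive letter followed by backslash-separated components.
_POSIX_PATH = re.compile(r'(?<![\w"\'=:/<])(?:/[\w.-]+){2,}')
_WINDOWS_PATH = re.compile(r'\b[A-Za-z]:\\(?:[^\\\s"<>|]+\\)*[^\\\s"<>|]+')


def find_path_disclosures(body: str) -> list[str]:
    """Return the absolute filesystem paths found in an error body."""
    return _POSIX_PATH.findall(body) + _WINDOWS_PATH.findall(body)


def redact_paths(body: str) -> str:
    """Replace disclosed paths so the client only learns that an error occurred.

    The unredacted text belongs in the server log, not in the response."""
    body = _POSIX_PATH.sub("[path redacted]", body)
    return _WINDOWS_PATH.sub("[path redacted]", body)


def audit_responses(responses: dict[str, str]) -> dict[str, list[str]]:
    """Map each request path to the filesystem paths its response leaks."""
    return {req: find_path_disclosures(body) for req, body in responses.items()}


if __name__ == "__main__":
    for req, leaks in audit_responses(SAMPLE_RESPONSES).items():
        print(f"{req}: {'LEAKS ' + ', '.join(leaks) if leaks else 'clean'}")
```

Running it reports the .jhtm response as leaking the server path and the plain 404 as clean; the same check can be run over captured error pages of a site you operate.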

