Nmap Development mailing list archives
[NSE] http-vuln-cve2009-0580
From: "M. Hani Benhailes" <kroosec () gmail com>
Date: Mon, 19 Mar 2012 17:15:50 +0100
Hi list, description = [[ Tries to exploit cve-2009-0580 also known as Apache Tomcat user enumeration with FORM authentication. This vulnerability permits to enumerate (brute force) valid Apache tomcatserver users via requests to /j_security_check with malformed URL encoding of passwords. It is present in versions 6.0.0 to 6.0.18, 5.5.0 to 5.5.27 and 4.1.0 to 4.1.39
For more information, see: * https://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0580 * http://www.osvdb.org/55055 * http://www.securityfocus.com/bid/35196 ]] --@output -- PORT STATE SERVICE -- 80/tcp open http --| http-vuln-cve2009-0580: --| VULNERABLE: --| Apache Tomcat user enumeration with FORM authentication --| State: VULNERABLE (Exploitable) --| IDs: CVE:CVE-2009-0580 --| Risk factor: Low CVSSv2: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:N/A:N) --| Description:--| Permits to enumerate Apache Tomcat users remotely and is present in
--| Apache Tomcat 6.0.0 to 6.0.18, 5.5.0 to 5.5.27 and 4.1.0 to 4.1.39 --| Disclosure date: 2009-06-14 --| Exploit results: --| admin --| tomcat --| References: --| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 --|_ http://www.osvdb.org/55055 Cheers, Hani. -- M. Hani Benhabiles OWASP Algeria Student Chapter: Founder/President. http://www.owaspalgeriasc.org https://www.owasp.org/index.php/Algeria_Student_Chapter Email: hani.benhabiles () owasp org Twitter: https://twitter.com/#!/kroosec Blog: http://kroosec.blogspot.com
Attachment:
http-vuln-cve2009-0580.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-vuln-cve2009-0580 M. Hani Benhailes (Mar 19)
- Re: [NSE] http-vuln-cve2009-0580 Patrik Karlsson (Mar 23)