Penetration Testing mailing list archives

XSS vulnerability on Apache Tomcat server

From: Erwin van der Zwan <erwin.zwan-van-der () siemens nl>
Date: 13 Aug 2002 06:59:40 -0000



I am currently pen-testing an Apache Tomcat v4.0.3 web server running on a 
Windows 2000 box. The server just provides access to an LDAP database 
through a search query. The box is connected directly to the Internet and 
seems to be protected by McAfee/PGP personal firewall/IDS which blocks the 
IP address for 30 minutes or so. TCP ports 21, 80, 389, 1002 and 1720 
seems to be open, the rest is filtered/blocked. The server is running 
tomcat_server/servlet/JNDISearch Java LDAP search code.

It seems to be vulnerable for XSS and path disclosure vulnerabilities. I 
got the path (D:\Tomcat\webapps) but any ideas on how to exploit the XSS 
vulnerability or advance with the test?

Ideas?

EvdZ

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

XSS vulnerability on Apache Tomcat server Erwin van der Zwan (Aug 13)
- Re: XSS vulnerability on Apache Tomcat server Anthony LaMantia (Aug 14)
- <Possible follow-ups>
- Re: XSS vulnerability on Apache Tomcat server Muhammad Faisal Rauf Danka (Aug 21)