Nmap Development mailing list archives

[NSE] http-vuln-cve2009-0580


From: "M. Hani Benhailes" <kroosec () gmail com>
Date: Mon, 19 Mar 2012 17:15:50 +0100

Hi list,

description = [[
Tries to exploit CVE-2009-0580, also known as Apache Tomcat user enumeration
with FORM authentication.

This vulnerability allows enumerating (brute forcing) valid Apache Tomcat
server users via requests to /j_security_check with malformed URL encoding of
passwords. It is present in versions 6.0.0 to 6.0.18, 5.5.0 to 5.5.27 and
4.1.0 to 4.1.39.

For more information, see:
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0580
* http://www.osvdb.org/55055
* http://www.securityfocus.com/bid/35196
]]

--@output
-- PORT   STATE SERVICE
-- 80/tcp open  http
--| http-vuln-cve2009-0580:
--|   VULNERABLE:
--|   Apache Tomcat user enumeration with FORM authentication
--|     State: VULNERABLE (Exploitable)
--|     IDs:  CVE:CVE-2009-0580
--|     Risk factor: Low  CVSSv2: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:N/A:N)
--|     Description:
--|       Permits to enumerate Apache Tomcat users remotely and is present in
--|       Apache Tomcat 6.0.0 to 6.0.18, 5.5.0 to 5.5.27 and 4.1.0 to 4.1.39
--|     Disclosure date: 2009-06-14
--|     Exploit results:
--|       admin
--|       tomcat
--|     References:
--|       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
--|_      http://www.osvdb.org/55055

Cheers,
Hani.

--
M. Hani Benhabiles
OWASP Algeria Student Chapter: Founder/President.
http://www.owaspalgeriasc.org
https://www.owasp.org/index.php/Algeria_Student_Chapter
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com

Attachment: http-vuln-cve2009-0580.nse

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
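
Added example, not part of the original post or the attached script: a detection sketch for the enumeration pattern the description names, flagging POSTs to /j_security_check whose password field carries a malformed percent-escape and grouping them by source. It assumes request records (source, method, path, raw form body) are available from a reverse proxy or WAF, uses the standard servlet FORM-auth field names `j_username` and `j_password` (not named in the post), and runs on constructed sample records.

```python
import re
from collections import defaultdict

# A '%' not followed by two hex digits is a malformed URL escape.
_BAD_ESCAPE = re.compile(r"%(?![0-9A-Fa-f]{2})")

def raw_form_fields(body):
    """Split an x-www-form-urlencoded body without decoding it,
    so malformed escapes stay visible."""
    fields = {}
    for pair in body.split("&"):
        name, _, value = pair.partition("=")
        fields[name] = value
    return fields

def is_enumeration_probe(method, path, body):
    """True for a POST to .../j_security_check with a malformed password escape."""
    # Drop the query string and any ';jsessionid=...' path parameter.
    target = re.split(r"[?;]", path)[0]
    if method != "POST" or not target.endswith("/j_security_check"):
        return False
    password = raw_form_fields(body).get("j_password", "")
    return bool(_BAD_ESCAPE.search(password))

def probes_by_source(records, threshold=2):
    """Map source -> sorted usernames probed, for sources that tried
    at least `threshold` distinct usernames (threshold is an assumption)."""
    hits = defaultdict(set)
    for src, method, path, body in records:
        if is_enumeration_probe(method, path, body):
            hits[src].add(raw_form_fields(body).get("j_username", ""))
    return {s: sorted(u) for s, u in hits.items() if len(u) >= threshold}

# Constructed sample records (documentation IP ranges), not real traffic.
SAMPLE = [
    ("192.0.2.10", "POST", "/app/j_security_check", "j_username=admin&j_password=%"),
    ("192.0.2.10", "POST", "/app/j_security_check", "j_username=tomcat&j_password=%zz"),
    ("192.0.2.10", "POST", "/app/j_security_check;jsessionid=X", "j_username=guest&j_password=%2"),
    ("198.51.100.7", "POST", "/app/j_security_check", "j_username=alice&j_password=p%40ss"),
    ("198.51.100.7", "GET", "/app/index.jsp", ""),
]

if __name__ == "__main__":
    for source, users in probes_by_source(SAMPLE).items():
        print(source, "probed", users)
```

A well-formed escape such as `%40` does not trigger the check, so ordinary logins with special characters in the password are not flagged.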