| Short Name | HTTP:INFO-LEAK:JSP-SRC |
|---|---|
| Severity | Low |
| Recommended | No |
| Category | HTTP |
| Release Date | 2006/10/20 |
| Update Number | 1213 |
| Supported Platforms | di-5.3+ |

This signature detects attempts to exploit a known vulnerability in the BEA WebLogic JSP server. Attackers can disclose the source of a JSP file to discover potential weaknesses in Web-based Java programs.

Many web servers are case-sensitive but do not map every case combination of a file extension to its handler. When the letters of a JSP or JHTML file extension in a URL are changed from lower case to upper case (e.g., .jsp or .jhtml becomes .JSP or .JHTML), the server does not recognize the file extension and sends the file as an ordinary file. In this way, a user is able to access the source code of those specific files.
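
A log-review check for the behaviour described above, as an added example that is not part of the original signature page: it flags request paths whose extension is an upper- or mixed-case variant of .jsp or .jhtml. The access-log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Extensions named on the page; assumed mapped to the JSP handler in lower case only.
MAPPED_EXTENSIONS = (".jsp", ".jhtml")

# Request and status fields of a Common Log Format line (the format is an assumption).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def case_variant_extension(target):
    """Return the extension if it is a non-lower-case variant of a mapped one, else None."""
    path = unquote(urlsplit(target).path)               # drop the query, decode %xx
    segment = path.rsplit("/", 1)[-1].split(";", 1)[0]  # last segment without ;params
    dot = segment.rfind(".")
    if dot == -1:
        return None
    ext = segment[dot:]
    if ext.lower() in MAPPED_EXTENSIONS and ext != ext.lower():
        return ext
    return None

def scan(lines):
    """Return (target, extension, status) for each request with a case-variant extension."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m is None:
            continue
        ext = case_variant_extension(m["target"])
        if ext is not None:
            findings.append((m["target"], ext, int(m["status"])))
    return findings

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Oct/2006:10:01:02 +0000] "GET /shop/cart.jsp?id=7 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [20/Oct/2006:10:01:09 +0000] "GET /shop/cart.JSP HTTP/1.1" 200 1830',
    '192.0.2.44 - - [20/Oct/2006:10:01:11 +0000] "GET /help/faq.JHtml HTTP/1.0" 404 312',
    '192.0.2.10 - - [20/Oct/2006:10:01:15 +0000] "GET /img/logo.PNG HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    for target, ext, status in scan(SAMPLE_LOG):
        # A 200 means the server returned a body for the variant; review that response first.
        print(f"{status} {target} (extension {ext})")
```
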