Short Name |
HTTP:INFO-LEAK:SNOOP-DISLOSURE |
---|---|
Severity |
Info |
Recommended |
No |
Category |
HTTP |
Keywords |
Tomcat Snoop Servlet Information Disclosure |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a snoop servlet vulnerability in the Apache Tomcat package. Versions 3.0 and 3.1 are susceptible. Attackers can request a nonexistent URL with the .snp extension to produce an error message that contains sensitive server information, such as full paths and OS data.
A vulnerability exists in the snoop servlet portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent file with the .snp extension, too much information is presented by the server as part of the error message. This information may be useful to a would be attacker in conducting further attacks. This information includes full paths, OS information, and other information that may be sensitive.