header-logo
Suggest Exploit
vendor:
Apache AXIS
by:
Unknown
5
CVSS
MEDIUM
Path Information Disclosure
200
CWE
Product Name: Apache AXIS
Affected Version From: Apache AXIS 1.0
Affected Version To: Apache AXIS 1.0
Patch Exists: NO
Related CWE:
CPE: a:apache:axis:1.0
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Apache AXIS Path Information Disclosure Vulnerability

The Apache AXIS web application framework is prone to a vulnerability that allows remote attackers to disclose sensitive path information. This vulnerability occurs when an attacker sends a specially crafted request to the affected server, which results in the disclosure of directory paths on the webserver.

Mitigation:

To mitigate this vulnerability, it is recommended to upgrade to a version of Apache AXIS that is not affected by this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23687/info

Apache AXIS is prone to a path-information-disclosure vulnerability. Remote unauthorized attackers may be able to determine webserver directory paths.

Information obtained may aid attackers in launching further attacks against an affected server.

Apache AXIS 1.0 is vulnerable to this issue. 

http://www.example.com/axis/tt_pm4l.jws?wsdl

Navigation

Suggest Exploit

Services By CQR