vendor: WebLogic Server and Tomcat
by: lovehacker
CVSS: 7.5 (HIGH)
Source Disclosure Vulnerability
CWE: 200
Product Name: WebLogic Server and Tomcat
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2002
BEA Systems WebLogic Server and Tomcat Source Disclosure Vulnerability
BEA Systems WebLogic Server and Tomcat are vulnerable to a source disclosure vulnerability. If successfully exploited, this vulnerability could lead to the disclosure of sensitive information contained within JSP pages. This information may assist in further attacks against the host.
Mitigation:
Ensure that the web server is configured not to return the source code of JSP files when an HTTP request contains URL-encoded replacements for characters in the filename.
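A detection-side check to go with the mitigation, as an added example that is not part of the original advisory: it scans access-log request lines and flags requests for a JSP file whose filename percent-encodes characters that RFC 3986 never requires to be encoded. The log lines are constructed, the function names are hypothetical, and Common Log Format is an assumption.

```python
import re
import string
from urllib.parse import unquote

# Constructed sample access-log lines (Common Log Format), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2002:10:00:00 +0000] "GET /app/index.jsp HTTP/1.0" 200 512
192.0.2.11 - - [01/Jan/2002:10:00:05 +0000] "GET /app/index.js%70 HTTP/1.0" 200 2048
192.0.2.12 - - [01/Jan/2002:10:00:09 +0000] "GET /app/search.jsp?q=a%20b HTTP/1.0" 200 700
192.0.2.13 - - [01/Jan/2002:10:00:12 +0000] "GET /app/my%20report.jsp HTTP/1.0" 200 900
192.0.2.14 - - [01/Jan/2002:10:00:15 +0000] "GET /app/login%2ejsp HTTP/1.0" 200 1900
192.0.2.15 - - [01/Jan/2002:10:00:20 +0000] "GET /img/logo%20small.png HTTP/1.0" 200 90
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
ESCAPE_RE = re.compile(r"%([0-9A-Fa-f]{2})")
# RFC 3986 "unreserved" characters: a normal client has no reason to encode them.
UNRESERVED = set(string.ascii_letters + string.digits + "-._~")


def needless_escapes(segment: str) -> list[str]:
    """Return the percent-escapes in `segment` that decode to unreserved characters."""
    return [m.group(0) for m in ESCAPE_RE.finditer(segment)
            if chr(int(m.group(1), 16)) in UNRESERVED]


def is_suspicious(raw_target: str) -> bool:
    """True when the decoded filename is a JSP and its raw form hides plain characters."""
    path = raw_target.split("?", 1)[0]                  # drop the query string
    filename = path.rsplit("/", 1)[-1].split(";", 1)[0]  # last segment, no ;params
    if not unquote(filename).lower().endswith(".jsp"):
        return False
    return bool(needless_escapes(filename))


def scan(log_text: str) -> list[tuple[str, str]]:
    """Return (client, request target) for every flagged log line."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if m and is_suspicious(m.group(1)):
            hits.append((line.split()[0], m.group(1)))
    return hits


if __name__ == "__main__":
    for client, target in scan(SAMPLE_LOG):
        print(f"{client} requested {target}")
```

A flagged request that was answered with status 200 is worth checking against the response body or size to see whether JSP source was returned rather than rendered output.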