header-logo
Suggest Exploit
vendor:
Resin
by:
Not provided
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Resin
Affected Version From: Resin 2.1.12
Affected Version To: Not provided
Patch Exists: YES
Related CWE: CVE-2003-0202
CPE: a:caucho_technology:resin:2.1.12
Metasploit:
Other Scripts:
Platforms Tested: Windows NT/2000 with Apache 1.3.29
2003

Information Disclosure Vulnerability in Resin

Resin is prone to an information disclosure vulnerability that may allow an attacker to disclose directory listings by passing malicious data via a URI parameter.

Mitigation:

Upgrade to a patched version of Resin.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9617/info

It has been reported that Resin may be prone to an information disclosure vulnerability that may allow an attacker to disclose directory listings by passing malicious data via a URI parameter.

The issue has been reported to present itself on Windows NT/2000 systems running Apache 1.3.29 and Resin 2.1.12.

http://www.example.com/WEB-INF../

Navigation

Suggest Exploit

Services By CQR