Lucene search

[email protected]CVE-2000-0760

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0760

2000-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0760

snoop servlet

jakarta tomcat

apache

sensitive information leak

nvd

6.5 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.062 Low

EPSS

Percentile

93.5%

JSON

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.

CPENameOperatorVersion
apache:tomcatapache tomcateq3.1
apache:tomcatapache tomcateq3.0

CPE	Name	Operator	Version
apache:tomcat	apache tomcat	eq	3.1
apache:tomcat	apache tomcat	eq	3.0

References

www.securityfocus.com/bid/1532

www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000%40grex.cyberspace.org

6.5 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.062 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2000-0760

nessus1 tomcat1