Sun One WebServer 6.1 JSP Source Viewing vulnerability
System: Sun-ONE-Web-Server/6.1, Windows Server 2003
SunOne WebServer (formerly Netscape Enterprise Server, iPlanet) on Windows Systems lets remote people disclose
JSP Source code.
A normal URL would look like:
http://server/hello.jsp
To disclose the contents including source code of a JSP file:
http://server/hello.jsp::$DATA
Best Regards,
Nikolaos Rangos
{"id": "SECURITYVULNS:DOC:22123", "bulletinFamily": "software", "title": "Sun One WebServer 6.1 JSP Source Viewing vulnerability", "description": "Sun One WebServer 6.1 JSP Source Viewing vulnerability\r\n\r\nSystem: Sun-ONE-Web-Server/6.1, Windows Server 2003\r\n\r\nSunOne WebServer (formerly Netscape Enterprise Server, iPlanet) on Windows Systems lets remote people disclose\r\nJSP Source code.\r\n\r\nA normal URL would look like:\r\n\r\nhttp://server/hello.jsp\r\n\r\nTo disclose the contents including source code of a JSP file:\r\n\r\nhttp://server/hello.jsp::$DATA\r\n\r\nBest Regards,\r\n\r\nNikolaos Rangos\r\n\r\n", "published": "2009-07-05T00:00:00", "modified": "2009-07-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22123", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:30", "edition": 1, "viewCount": 10, "enchantments": {"score": {"value": 1.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10041"]}], "rev": 4}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10041"]}]}, "exploitation": null, "vulnersScore": 1.8}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645555325}}
Sun One WebServer 6.1 JSP Source Viewing vulnerability