ID SECURITYVULNS:DOC:3228 Type securityvulns Reporter Securityvulns Modified 2002-07-18T00:00:00
Description
Title: Jigsaw Webserver Path Disclosure
BUG-ID: 2002031
Released: 17th Jul 2002
Problem:
It is possible to disclose the physical path to the webroot. This
information could be useful to a malicious user wishing to gain
illegal access to resources on the server.
Vulnerable:
- Jigsaw V2.2.1 Distribution on Windows 2000 Server
Not Vulnerable:
- Jigsaw V2.2.1 Dev/2.2/20020711 on Windows 2000 Server
Product Description:
Quoted from the vendor webpage:
"Jigsaw is W3C's leading-edge Web server platform, providing a sample
HTTP 1.1 implementation and a variety of other features on top of an
advanced architecture implemented in Java. The W3C Jigsaw Activity
statement explains the motivation and future plans in more detail.
Jigsaw is a W3C Open Source Project, started May 1996."
Details:
Requesting /aux twice results, after the second request, in an error
message that contains the physical path to the web root.
Vendor URL:
You can visit the vendor webpage here: http://www.w3.org
Vendor response:
The vendor was notified on the 27th of May, 2002. On the 11th of
July, 2002 we verified that the issue was corrected in the latest
build (20020708).
Corrective action:
Upgrade your Jigsaw.jar to the latest build, available from:
http://jigsaw.w3.org/Devel/classes-2.2/20020711/
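As an added example (not part of the KPMG advisory or of Jigsaw itself), the following Python code covers the defender's side of the Details and Corrective action sections: it flags clients that send the two-request /aux probe in Common Log Format access logs (assumed to come from a proxy or server in front of Jigsaw) and checks an error page body for a leaked Windows path, which should come back empty once Jigsaw.jar has been upgraded. All log lines and the error body are constructed samples.

```python
"""Detection helpers for the Jigsaw /aux path-disclosure issue (added example,
not part of the KPMG advisory or of Jigsaw). Assumes Common Log Format access
logs, e.g. from a proxy in front of Jigsaw; all sample data is constructed."""
import re
from collections import Counter

# Common Log Format: host ident user [time] "method path proto" status bytes
CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)
# The advisory: two requests for /aux produce an error revealing the web root.
PROBE_PATH = "/aux"
# A Windows drive path such as C:\Jigsaw\WWW\aux appearing in a response body.
WIN_PATH_RE = re.compile(r'\b[A-Za-z]:\\(?:[^\\\s<>]+\\)*[^\\\s<>]*')


def parse_clf(line):
    """Return the fields of one CLF line as a dict, or None if it does not parse."""
    m = CLF_RE.match(line)
    return m.groupdict() if m else None


def find_probe_clients(lines, threshold=2):
    """Map client host -> count for clients requesting /aux at least `threshold` times.
    The path is compared without query string or trailing slash and case-insensitively,
    since the Windows filesystem the advisory concerns ignores case."""
    counts = Counter()
    for line in lines:
        rec = parse_clf(line)
        if rec is None:
            continue  # skip lines that are not CLF
        path = rec["path"].split("?", 1)[0].rstrip("/").lower()
        if path == PROBE_PATH:
            counts[rec["host"]] += 1
    return {host: n for host, n in counts.items() if n >= threshold}


def disclosed_paths(body):
    """Return Windows paths found in an error page body; expected empty after the fix."""
    return WIN_PATH_RE.findall(body)


# Constructed sample log: 10.0.0.9 sends the two-request probe, 10.0.0.5 does not.
SAMPLE_LOG = [
    '10.0.0.5 - - [17/Jul/2002:10:00:01 +0200] "GET /index.html HTTP/1.1" 200 1423',
    '10.0.0.9 - - [17/Jul/2002:10:00:07 +0200] "GET /aux HTTP/1.1" 500 311',
    '10.0.0.9 - - [17/Jul/2002:10:00:09 +0200] "GET /AUX?x=1 HTTP/1.1" 500 402',
    '10.0.0.5 - - [17/Jul/2002:10:00:11 +0200] "GET /aux HTTP/1.1" 500 311',
]
# Constructed error body (not Jigsaw's actual message) showing what a leak looks like.
SAMPLE_BODY = "java.io.FileNotFoundException: C:\\Jigsaw\\WWW\\aux (Access is denied)"
```

Running `find_probe_clients` over a real log only tells you who probed; whether the server actually leaked the path is checked with `disclosed_paths` against the error response of your own upgraded instance.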
Author: Peter Gründl (pgrundl@kpmg.dk)
KPMG is not responsible for the misuse of the information we provide
through our security advisories. These advisories are a service to
the professional security community. In no event shall KPMG be liable
for any consequences whatsoever arising out of or in connection
with the use or spread of this information.