CVE-2002-0300
N/A
N/A
Summary
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/4125
- http://www.iss.net/security_center/static/8240.php
- http://marc.info/?l=bugtraq&m=101422432123898&w=2
- http://www.debian.org/security/2002/dsa-114
- http://marc.info/?l=bugtraq&m=101415804625292&w=2
References
- http://www.securityfocus.com/bid/4125
- http://www.iss.net/security_center/static/8240.php
- http://marc.info/?l=bugtraq&m=101422432123898&w=2
- http://www.debian.org/security/2002/dsa-114
- http://marc.info/?l=bugtraq&m=101415804625292&w=2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.