Boss 3.2.1 with Jetty is vulnerable to full JSP source code disclosure when using a null byte.
5fa351f9ce58e57f2eea703a4be52cd1c81ec605244c7ecb9a5c8efb1cfdf9cf
Hi,
jboss 3.2.1 with jetty seems to be vulnerable to jsp source code disclosure.
Trying to access the ServerInfo.jsp with an suffixed "%00" shows the source
code of this JSP. Seems to be a forgotten debug feature :-]
http://192.168.0.4:8080/web-console/ServerInfo.jsp%00
Sincerely
Marc Schoenefeld
(www.illegalaccess.org)
- --
Never be afraid to try something new. Remember, amateurs built the
ark; professionals built the Titanic. -- Anonymous
Marc Schönefeld Dipl. Wirtsch.-Inf. / Software Developer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (AIX)
Comment: For info see http://www.gnupg.org
iD8DBQE+15vvqCaQvrKNUNQRAmlxAJ0SUWM8q1cv2qpt1TjkuC2RuhkLXgCeLUN4
beFf0+xrJmL/ex+e/nTlKUA=
=rfSA
-----END PGP SIGNATURE-----