|
Family: CGI abuses : XSS --> Category: infos
Apache Tomcat DOS Device Name XSS Vulnerability Scan
Vulnerability Scan Summary Tests for Apache Tomcat DOS Device name XSS Bug
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Apache Tomcat web server is vulnerable to a cross site scripting
issue.
Description :
Apache Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
By making requests for DOS Device names it is possible to cause
Tomcat to throw an exception, allowing XSS attacks, e.g:
tomcat-server/COM2.IMG%20src='Javascript:alert(document.domain)'
(angle brackets omitted)
The exception also reveals the physical path of the Tomcat installation.
Solution :
Upgrade to Apache Tomcat v4.1.3 beta or later.
See also :
http://www.westpoint.ltd.uk/advisories/wp-02-0008.txt
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|