Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

Blazix Web Server JSP source disclosure Vulnerability Scan

Vulnerability Scan Summary
Attempts to read the source of a jsp page

Detailed Explanation for this Vulnerability Test

It is possible to make the remote web server disclose the source
code of its JSP pages by requesting the pages while appending a plus
sign or a backslash to its name (ie: filename.jsp+ instead of filename.jsp).

A possible hacker may use this flaw to get the source code of your CGIs
and possibly obtain passwords and other relevant information about
this host.

Solution : Upgrade to Blazix 1.2.1 or newer
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.