Family: CGI abuses --> Category: infos
JBoss Malformed HTTP Request Remote Information Disclosure Vulnerability Scan
Vulnerability Scan Summary
Attempts to read security policy of a remote JBoss server
Detailed Explanation for this Vulnerability Test
The remote web server is affected by an information disclosure flaw.
The remote JBoss server is vulnerable to an information disclosure
flaw which may allow a possible hacker to retrieve the physical path of the
server installation, its security policy, or to guess its exact
version number. A possible hacker may use this flaw to gain more
information about the remote configuration.
See also :
Upgrade to JBoss 3.2.8 or 4.0.3. Or edit JBoss' 'jboss-service.xml'
configuration file, set 'DownloadServerClasses' to 'false', and
restart the server.
Low / CVSS Base Score : 2.3
Click HERE for more information and discussions on this network vulnerability scan.