|
Family: CGI abuses --> Category: infos
Snoop Servlet path disclosure Vulnerability Scan
Vulnerability Scan Summary Attempts to enumerate physical path
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by an information disclosure flaw.
Description :
This script attempts to enumerate the actual physical path of the
servlet classes by requesting a version of 'snoopservlet' which is
missing required classes. A possible hacker, gaining information about the
actual physical layout of the file system, can use the information in
crafting more complex attacks.
Solution :
If not required, uninstall the default applications.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|