JavaWebServer viewable source bug

Summary
Description:You can view the source of .jhtml files by appending a '.' or '\' to their name. ie http://target.com/authenticate.jhtml. .
Author:Brian Krahmer <brian@KRAHMER.COM>
Compromise:View the source code of .jhtml files which in some cases should be secret
Vulnerable Systems:Those running vulnerable versions of JavaWebServer for win32
Date:16 July 1997
Details


Date: Wed, 16 Jul 1997 14:01:05 -0500
From: Brian Krahmer <brian@KRAHMER.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Viewable .jhtml source with JavaWebServer

It has been discovered by Min Chang that there is a security
vulnerability in the 1.1Beta version of JavaWebServer for win32.
Similar to the IIS viewable source bug, if you append a '.' (period) or
a '\' (backslash) to a .jhtml URL, the server will display the source.
.jhtml files are html files with embedded Java code that are supposed to
be compiled and returned to the client (sans the java code).  Because
these files can have things like jdbc queries or important server
filenames embedded in them, it is a security risk.

examples:
http://localhost/xyz.jhtml.
or
http://localhost/xyz.jhtml\

brian
--
  Brian Krahmer - brian@krahmer.com - http://www.krahmer.com
           President, Network Guardians, Inc.
  Makers of NetGuard.  1.0 release coming after the new year!
               http://www.net-guards.com

More Exploits!

The master index of all exploits is available here (Very large file)
Or you can pick your favorite operating system:
All OS's Linux Solaris/SunOS Micro$oft
*BSD Macintosh AIX IRIX
ULTRIX/Digital UNIX HP/UX SCO Remote exploits

This page is part of Fyodor's exploit world. For a free program to automate scanning your network for vulnerable hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resouces:

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault