JavaWebServer viewable source bug
| Description: | You can view the source of .jhtml files by appending a '.' or '\' to their name. ie http://target.com/authenticate.jhtml. . |
| Author: | Brian Krahmer <brian@KRAHMER.COM> |
| Compromise: | View the source code of .jhtml files which in some cases should be secret |
| Vulnerable Systems: | Those running vulnerable versions of JavaWebServer for win32 |
| Date: | 16 July 1997 |
Date: Wed, 16 Jul 1997 14:01:05 -0500
From: Brian Krahmer <brian@KRAHMER.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Viewable .jhtml source with JavaWebServer
It has been discovered by Min Chang that there is a security
vulnerability in the 1.1Beta version of JavaWebServer for win32.
Similar to the IIS viewable source bug, if you append a '.' (period) or
a '\' (backslash) to a .jhtml URL, the server will display the source.
.jhtml files are html files with embedded Java code that are supposed to
be compiled and returned to the client (sans the java code). Because
these files can have things like jdbc queries or important server
filenames embedded in them, it is a security risk.
examples:
http://localhost/xyz.jhtml.
or
http://localhost/xyz.jhtml\
brian
--
Brian Krahmer - brian@krahmer.com - http://www.krahmer.com
President, Network Guardians, Inc.
Makers of NetGuard. 1.0 release coming after the new year!
http://www.net-guards.com
The master index of all exploits is available
here (Very large file)
Or you can pick your favorite operating system:
This page is part of Fyodor's exploit
world.
For a free program to automate scanning your network for vulnerable
hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resources:
