XSS vulnerability on Apache Tomcat server

From: Erwin van der Zwan (erwin.zwan-van-der@siemens.nl)
Date: Tue Aug 13 2002 - 02:59:40 EDT

• Next message: Ron Davis: "Fax to EMail Gateway"
• Previous message: Ali Saifullah Khan: "Re: Re: Buffer Overflow Help"
• Next in thread: Anthony LaMantia: "Re: XSS vulnerability on Apache Tomcat server"
• Reply: Anthony LaMantia: "Re: XSS vulnerability on Apache Tomcat server"
• Maybe reply: Muhammad Faisal Rauf Danka: "Re: XSS vulnerability on Apache Tomcat server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It seems to be vulnerable for XSS and path disclosure vulnerabilities. I
got the path (D:\Tomcat\webapps) but any ideas on how to exploit the XSS
vulnerability or advance with the test?

Ideas?

EvdZ

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Ron Davis: "Fax to EMail Gateway"
• Previous message: Ali Saifullah Khan: "Re: Re: Buffer Overflow Help"
• Next in thread: Anthony LaMantia: "Re: XSS vulnerability on Apache Tomcat server"
• Reply: Anthony LaMantia: "Re: XSS vulnerability on Apache Tomcat server"
• Maybe reply: Muhammad Faisal Rauf Danka: "Re: XSS vulnerability on Apache Tomcat server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:24 EDT