Apache Tomcat 3.2.3/3.2.4 - 'RealPath.jsp' Information Disclosuree

EDB-ID:

21492




Platform:

Multiple

Date:

2002-05-29


source: https://www.securityfocus.com/bid/4878/info

Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation.

Under some circumstances, Tomcat may yield sensitive information about the web server configuration. When the realPath.jsp page is accessed, it may leak information. Upon being accessed, the realPath.jsp page will display the web root directory of the Tomcat implementation.

http://example.com/test/realPath.jsp