source: http://www.securityfocus.com/bid/7709/info Sun ONE Application Server is prone to a source code disclosure vulnerability. This issue is due to handling of case in requests for resources. By changing the case of a file extension, the server may fail to interpret the script and instead serve it as a normal web resource. This issue exists for Sun ONE Application Server 7.0 on Microsoft Windows platforms. Previous versions may also be affected. GET /[script].JSP HTTP/1.0 where [script] is the name of a script hosted by the server.
Related ExploitsTrying to match CVEs (1): CVE-2003-0411
Trying to match OSVDBs (1): 11709
Other Possible E-DB Search Terms: Sun ONE Application Server 7.0, Sun ONE Application Server
|2003-05-27||22665||Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting||SPI Labs|