Caucho Technology Resin 2.1.12 - Directory Listings Disclosure

EDB-ID:

23671


Author:

Wang Yun

Type:

remote


Platform:

Linux

Date:

2004-02-09


source: https://www.securityfocus.com/bid/9617/info

It has been reported that Resin may be prone to an information disclosure vulnerability that may allow an attacker to disclose directory listings by passing malicious data via a URI parameter.

The issue has been reported to present itself on Windows NT/2000 systems running Apache 1.3.29 and Resin 2.1.12.

http://www.example.com/WEB-INF../