Nessus Plugin #11042
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Apache Tomcat DOS Device Name XSS
- Family:
- CGI abuses : XSS
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2002 Matt Moore
- Summary:
- Tests for Apache Tomcat DOS Device name XSS Bug
- Version:
- $Revision: 1.12 $
- Cve_id:
- -
- Bugtraq_id:
- 5194
- Xrefs:
- -
- Description:
- Apache Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
By making requests for DOS Device names it is possible to cause
Tomcat to throw an exception, allowing XSS attacks, e.g:
tomcat-server/COM2.IMG%20src='Javascript:alert(document.domain)'
(angle brackets omitted)
The exception also reveals the physical path of the Tomcat installation.
Solution:
Upgrade to Apache Tomcat v4.1.3 beta or later.
References:
www.westpoint.ltd.uk/advisories/wp-02-0008.txt (DOS Device XSS)
http://www.securiteam.com/windowsntfocus/5KP0L007FI.html (DOS device name
physical path disclosure).
Risk factor : Low
Generiert am 27.04.2005 um 18:49:54 Uhr.