Nessus Plugin #11046
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Apache Tomcat TroubleShooter Servlet Installed
- Family:
- CGI abuses : XSS
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2002 Matt Moore
- Summary:
- Tests whether the Apache Tomcat TroubleShooter Servlet is installed
- Version:
- $Revision: 1.11 $
- Cve_id:
- -
- Bugtraq_id:
- 4575
- Xrefs:
- -
- Description:
- The default installation of Tomcat includes various sample jsp pages and servlets. One of these, the 'TroubleShooter' servlet, discloses various information about the system on which Tomcat is installed. This servlet can also be used to perform cross-site scripting attacks.
Solution:
Example files should not be left on production servers.
References:
http://www.osvdb.org/displayvuln.php?osvdb_id=849
Risk factor : Low
Generiert am 27.04.2005 um 18:49:54 Uhr.