多中WEB服务器的通用J源代码暴露漏洞_JSP技巧_黑客防线网安服务器维护基地--Powered by WWW.RONGSEN.COM.CN

多中WEB服务器的通用J源代码暴露漏洞

作者:黑客防线网安JSP教程基地 来源:黑客防线网安JSP教程基地 浏览次数:0

本篇关键词:暴露漏洞源代码通用
黑客防线网安网讯:bugtraq id 1328   class Design Error   cve CVE-2000-0499   remote Yes   local Yes   published June 08, 2000   updated November 10, 2000   vulnerable BEA Systems W...
bugtraq id 1328
  class Design Error
  cve CVE-2000-0499
  remote Yes
  local Yes
  published June 08, 2000
  updated November 10, 2000
  vulnerable BEA Systems Weblogic 4.5.1
  - Microsoft Windows NT 4.0
  BEA Systems Weblogic 4.0.4
  - Microsoft Windows NT 4.0
  BEA Systems Weblogic 3.1.8
  - Microsoft Windows NT 4.0
  IBM Websphere Application Server 3.0.21
  - Sun Solaris 8.0
  - Microsoft Windows NT 4.0
  - Linux kernel 2.3.x
  - IBM AIX 4.3
  Unify eWave ServletExec 3.0
  - Sun Solaris 8.0
  - Microsoft Windows 98
  - Microsoft Windows NT 4.0
  - Microsoft Windows NT 2000
  - Linux kernel 2.3.x
  - IBM AIX 4.3.2
  - HP HP-UX 11.4
  
  
  
  Many webservers are case-sensitive, but do not have all possible combinations of cases in mapped extensions mapped properly.
  
  By changing the letters in a JSP or a JHTML file extension from lower case to upper case (eg: .jsp or .jhtml becomes .JSP or .JHTML) in a URL the server does not recognize the file extension and sends the file normally. In that manner, a user is able to access the source code to those specific files.
  
  
  
  
    黑客防线网安服务器维护方案本篇连接:http://www.rongsen.com.cn/show-16585-1.html
网站维护教程更新时间:2012-04-07 00:43:19  【打印此页】  【关闭
我要申请本站N点 | 黑客防线官网 |  
专业服务器维护及网站维护手工安全搭建环境,网站安全加固服务。黑客防线网安服务器维护基地招商进行中!QQ:29769479

footer  footer  footer  footer