ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Traversal Arbitrary File Access

medium Nessus Plugin ID 10959

Synopsis

The remote host has a script that is affected by an information disclosure vulnerability.

Description

By invoking the JSPServlet directly it is possible to read the contents of files within the webroot that would not normally be accessible (global.asa, for example.) When attempting to retrieve ASP pages it is common to see many errors due to their similarity to JSP pages in syntax, and hence only fragments of these pages are returned. Text files can generally be read without problem.

Solution

Download Patch #9 from ftp://ftp.newatlanta.com/public/4_1/patches/

References: www.westpoint.ltd.uk/advisories/wp-02-0006.txt

Plugin Details

Severity: Medium

ID: 10959

File Name: servletExec_File_Reading.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 5/22/2002

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Ease: No exploit is required

Vulnerability Publication Date: 5/22/2002

Reference Information

CVE: CVE-2002-0893

BID: 4795

Detections

Analytics