WebSphere '.ear' File Detection

info Nessus Network Monitor Plugin ID 4960

Synopsis

The remote web server is hosting .ear files.

Description

The remote web server is hosting .ear files. .ear files are compressed source code containers that contain all of the source code and resource files for a particular web application. An attacker gaining access to this file can use any common decompression software and gain access to the source code and resource files. This can lead to the loss of confidential data and possibly more sophisticated future attacks.

Solution

N/A

Plugin Details

Severity: Info

ID: 4960

Family: Data Leakage

Published: 3/13/2009

Updated: 11/23/2016

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server