Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Tomcat调用Servlet文件泄露漏洞
Vulnerability Description
Apache Apache Tomcat是美国阿帕奇(Apache)软件基金会下属的Jakarta项目的一款轻量级Web应用服务器,它主要用于开发和调试JSP程序,适用于中小型系统。可运行在Unix、Linux和Windows操作系统下。Apache Tomcat不正确处理用户提交的恶意Servlet请求,远程攻击者可以利用这个漏洞获得JSP源代码或其他受保护资源信息。此漏洞允许攻击者提交恶意构建的URL,使Apache Tomcat返回未被处理的JSP页面代码,在某些特殊情况下,可以未授权获得受安全保护
CVSS Information
N/A
Vulnerability Type
N/A