How to Buy
This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The web server running on the remote host is affected by an
information disclosure vulnerability.
According to its self-reported version number, the remote host is
running a vulnerable version of Apache Tomcat. Affected versions
permit a web application to replace the XML parser used to process the
XML and TLD files of other applications. This could allow a malicious
web app to read or modify 'web.xml', 'context.xml', or TLD files of
arbitrary web applications.
See also :
Upgrade to versions 7.0.19 / 6.0.20 / 5.5.28 / 4.1.40 or later.
Alternatively, apply the patches referenced in the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.6
CVSS Temporal Score : 4.0
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 39479 ()
Bugtraq ID: 35416
CVE ID: CVE-2009-0783
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.