This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Apache Tomcat server is affected by an information
The remote Apache Tomcat web server is affected by an information
disclosure vulnerability. The full install path of Apache Tomcat can
be obtained by sending an HTTP request which contains a long URL.
Note that there reportedly is an additional install path disclosure
vulnerability in this version of Apache Tomcat
however, Nessus has
not explicitly tested for it.
See also :
Update to Apache Tomcat version 4.0.2 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : true