Novell NetWare 6.0 Tomcat source.jsp Traversal Arbitrary File Access

This script is Copyright (C) 2004-2013 David Kyger


Synopsis :

Sensitive data can be read on the remote host.

Description :

The Apache Tomcat server distributed with NetWare 6.0 has a directory
traversal vulnerability. As a result, sensitive information
could be obtained from the NetWare server, such as the RCONSOLE
password located in AUTOEXEC.NCF.

Example :

http://target/examples/jsp/source.jsp?%2e%2e/%2e%2e/%2e%2e/%2e%2e/system/autoexec.ncf

Solution :

Upgrade Tomcat to the latest version, or disable the service
if it is not required.
Remove default files from the web server. Also, ensure the RCONSOLE
password is encrypted and utilize a password-protected screensaver for
console access.
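
To check whether the request pattern shown in the Example has already reached a server, its access logs can be searched. The following is an added example, not part of the plugin: it assumes common/combined log format, and the sample lines and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request target from a common/combined log format line (format is an assumption).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample access-log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2004:10:01:22 +0000] "GET /examples/jsp/source.jsp'
    '?%2e%2e/%2e%2e/%2e%2e/%2e%2e/system/autoexec.ncf HTTP/1.0" 200 812',
    '192.0.2.11 - - [12/Mar/2004:10:02:05 +0000] "GET /examples/jsp/source.jsp'
    '?/jsp/dates/date.jsp HTTP/1.0" 200 512',
    '192.0.2.12 - - [12/Mar/2004:10:03:40 +0000] "GET /examples/jsp/SOURCE.JSP'
    '?%252e%252e%5c%252e%252e%5csystem%5cautoexec.ncf HTTP/1.0" 404 0',
    '192.0.2.13 - - [12/Mar/2004:10:04:11 +0000] "GET /docs/index.html'
    '?page=../intro HTTP/1.0" 200 90',
]

def fully_decode(text, max_rounds=3):
    """Percent-decode repeatedly so double-encoded dots (%252e) are also seen."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def is_source_jsp_traversal(line):
    """True if the line requests source.jsp with a '..' segment in its query."""
    match = REQUEST_RE.search(line)
    if not match:
        return False
    path, _, query = match.group("target").partition("?")
    # Compare case-insensitively; the script name may be logged in any case.
    if not fully_decode(path).lower().endswith("/source.jsp"):
        return False
    # Split on both separators; a literal '..' segment means parent-directory traversal.
    return ".." in re.split(r"[\\/]", fully_decode(query))

def flagged(lines):
    """Indexes of the log lines that match the traversal pattern."""
    return [i for i, line in enumerate(lines) if is_source_jsp_traversal(line)]

if __name__ == "__main__":
    for i in flagged(SAMPLE_LOG):
        print("traversal attempt:", SAMPLE_LOG[i])
```

A match with a 200 response status means the file was likely returned, so any RCONSOLE password stored in AUTOEXEC.NCF should be treated as exposed and changed.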

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)

Family: Netware

Nessus Plugin ID: 12119

Bugtraq ID:

CVE ID: CVE-2000-1210
