Apache Tomcat Snoop Servlet Remote Information Disclosure
Medium Nessus Plugin ID 10478
SynopsisThe remote Apache Tomcat web server has a servlet installed that is affected by an information disclosure vulnerability.
DescriptionThe 'snoop' Tomcat servlet is installed. This servlet gives too much information about the remote host, such as the PATHs in use, the host kernel version, etc.
A remote attacker can exploit this to gain more knowledge about the host, allowing an attacker to conduct further attacks.
SolutionDelete the 'snoop' servlet.