Novell NetWare 6.0 Tomcat source.jsp Traversal Arbitrary File Access

High Nessus Plugin ID 12119

Synopsis

Sensitive data can be read on the remote host.

Description

The Apache Tomcat server distributed with NetWare 6.0 has a directory traversal vulnerability. As a result, sensitive information could be obtained from the NetWare server, such as the RCONSOLE password located in AUTOEXEC.NCF.

Example:

http://target/examples/jsp/source.jsp?%2e%2e/%2e%2e/%2e%2e/%2e%2e/system/autoexec.ncf
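As an added detection example (not part of the Nessus plugin, and not code from Tomcat or NetWare), the following Python scans web-server access logs for requests of the kind shown above: it percent-decodes each query string a bounded number of times (so a double-encoded %252e is also caught), and flags any request to source.jsp whose decoded query contains a ".." path segment. The log lines, client addresses and timestamps are constructed for illustration; the Common Log Format layout is assumed.

```python
"""Flag encoded directory-traversal requests against Tomcat's source.jsp
in access logs. Added example, not part of the Nessus plugin or of
Tomcat/NetWare. All log data below is constructed."""
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Common Log Format (not real data).
SAMPLE_LOG = """\
10.0.0.5 - - [30/Mar/2004:10:01:02 +0000] "GET /examples/jsp/source.jsp?%2e%2e/%2e%2e/%2e%2e/%2e%2e/system/autoexec.ncf HTTP/1.0" 200 512
10.0.0.6 - - [30/Mar/2004:10:02:15 +0000] "GET /examples/jsp/source.jsp?..%2F..%2Fsystem%2Fautoexec.ncf HTTP/1.0" 200 480
10.0.0.7 - - [30/Mar/2004:10:03:44 +0000] "GET /examples/jsp/source.jsp?%252e%252e/%252e%252e/system/autoexec.ncf HTTP/1.0" 200 470
10.0.0.8 - - [30/Mar/2004:10:04:01 +0000] "GET /examples/jsp/source.jsp?num/numguess.jsp HTTP/1.0" 200 1024
10.0.0.9 - - [30/Mar/2004:10:05:30 +0000] "GET /index.html HTTP/1.0" 200 2048
"""

# client, timestamp, method, request target, status code
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly, with a bound, so that double-encoded
    sequences such as %252e are reduced to their final form."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(query):
    """True if the decoded query contains a '..' path segment
    (either slash style)."""
    decoded = fully_decode(query).replace("\\", "/")
    return any(segment == ".." for segment in decoded.split("/"))


def find_source_jsp_traversal(log_text):
    """Return (client_ip, decoded_query, status) for every request to
    source.jsp whose query string carries a traversal sequence."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, _ts, _method, target, status = match.groups()
        path, _, query = target.partition("?")
        if not path.lower().endswith("/source.jsp"):
            continue
        if has_traversal(query):
            hits.append((client, fully_decode(query), int(status)))
    return hits


if __name__ == "__main__":
    for client, query, status in find_source_jsp_traversal(SAMPLE_LOG):
        print(f"{client} -> source.jsp?{query} (HTTP {status})")
```

A 200 response on a flagged line is worth treating as a likely successful read rather than a blocked probe; the decoded query is returned so an analyst can see which file was targeted. Decoding is bounded rather than repeated until stable to avoid unbounded work on adversarial input.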

Solution

Upgrade Tomcat to the latest version, or disable the service if it is not required.
Remove default files from the web server. Also, ensure the RCONSOLE password is encrypted and use a password-protected screensaver for console access.

Plugin Details

Severity: High

ID: 12119

File Name: netware_tomcat_sourcecode_viewer.nasl

Version: $Revision: 1.12 $

Type: remote

Family: Netware

Published: 2004/03/30

Modified: 2013/01/25

Dependencies: 10107, 17975

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/o:novell:netware, cpe:/a:apache:tomcat

Vulnerability Publication Date: 2000/03/21

Reference Information

CVE: CVE-2000-1210