Apache Tomcat Snoop Servlet Remote Information Disclosure

Medium Nessus Network Monitor Plugin ID 1464


The remote host may give an attacker information useful for future attacks.


The remote Tomcat server has the 'snoop' servlet installed. This servlet discloses valuable information about the remote host, such as the server type and version, the PATHs in use, and the kernel version of the remote host. An attacker may use this information to gain intimate knowledge about this host and make more precise attacks against it.


Delete this servlet

Plugin Details

Severity: Medium

ID: 1464

Family: Web Servers

Published: 2004/08/20

Modified: 2016/02/05

Dependencies: 1442

Nessus ID: 10478

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:F/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:apache:tomcat

Reference Information

CVE: CVE-2000-0760

BID: 1532