Java '.class' File Detection

Info Nessus Network Monitor Plugin ID 4661

Synopsis

The remote web server is hosting .class files.

Description

The remote web server is hosting .class files.
Distributing such files over the web can be done, but the webmaster should make sure that they to not contain confidential data. Java '.class' files are easily decompiled into source code using tools such as Jad (/www.kpdus.com/jad.html).

Solution

Ensure that confidential data is not present within the '.class' file. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.

Plugin Details

Severity: Info

ID: 4661

File Name: 4661.prm

Family: Data Leakage

Published: 2008/09/15

Modified: 2016/11/23

Dependencies: 1442

Risk Information

Risk Factor: Info