Apache Tomcat example page disclosure - snoop vulnerability Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

5

Apache Tomcat example page disclosure - snoop vulnerability Scanner Detail

The vulnerability in Apache Tomcat v4.x - v7.x can be used by attackers to gain information about the system. These exploits are also known to be vulnerable to cross site scripting (XSS) injection.

The 'snoop' Tomcat servlet is installed. This servlet gives too much information about the remote host, such as the PATHs in use, the host kernel version, etc. A remote attacker can exploit this to gain more knowledge about the host, allowing an attacker to conduct further attacks.

Some Advice for Common Problems

Delete the 'snoop' servlet.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service