Published: 20/10/2000 Updated: 05/09/2008
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.


source: wwwsecurityfocuscom/bid/1532/info A vulnerability exists in the snoop servlet portion of the Tomcat package, version 31, from the Apache Software Foundation Upon hitting an nonexistent file with the snp extension, too much information is presented by the server as part of the error message This information may be useful to a w ...