|Title:||JBoss source disclosure|
It is possible to make the remote web server disclose the source
code of its JSP pages by appending a NULL character to the name
of the JSP files requested (ie: foo.jsp%00).
An attacker may use this flaw to get the source code of your CGIs
and possibly obtain passwords and other relevant information about
Solution : None at this time
Risk factor : High
BugTraq ID: 7764|
|Copyright||This script is Copyright (C) 2003 Tenable Network Security|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.