Description
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2798 Vulnerability (CVE-2019-2798)
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-1991)
PHP Improper Input Validation Vulnerability (CVE-2011-4153)
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)