Description

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.

Remediation

References

CVE-2002-2006

Related Vulnerabilities

WordPress Plugin Car Demon Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)

WordPress 0.7 Posts SQL Injection Vulnerability (0.7)

WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)

WordPress Plugin Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5)

Severity

Medium

Classification

CVE-2002-2006

Tags

Missing Update Known Vulnerabilities