Description
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2003-0017)
XWiki Improper Authentication Vulnerability (CVE-2022-36093)
MySQL CVE-2019-2737 Vulnerability (CVE-2019-2737)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1582)
WordPress Plugin Advanced Access Manager Security Bypass (3.2.1)