Description

IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP).

Remediation

References

CVE-2002-1822

Related Vulnerabilities

Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7829)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20757)

WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.5.1)

XWiki Improper Privilege Management Vulnerability (CVE-2023-34465)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943)

Severity

Medium

Classification

CVE-2002-1822

Tags

Missing Update Known Vulnerabilities