SecurityTracker.com
SecurityTracker Archives

Category:   Application (Web Server/CGI)  >   IBM WebSphere
Vendors:   IBM
IBM WebSphere May Disclose JSP Source to Remote Users Sending Invalid Host Headers
SecurityTracker Alert ID:  1013697
SecurityTracker URL:  http://securitytracker.com/id/1013697
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 13 2005
Impact:   Disclosure of system information, Disclosure of user information
Exploit Included:  Yes

Description:   A vulnerability was reported in IBM WebSphere. A remote user can obtain JSP source code in certain configurations.

A remote user can send a specially crafted HTTP GET request with a Host header value set to a non-existent hostname. As a result, the application server will not process the JSP. Instead, the web server will return the JSP source.

A demonstration exploit is provided:

GET /index.jsp HTTP/1.0
Host: NonExistentHost

If the document root of the application server is within the document root of the web server, this vulnerability can be exploited.
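The condition above (a request for a .jsp path carrying a Host header the server does not recognise, answered with 200 and raw source) is what a defender wants to be able to recognise from the web-server side. The following added example, which is not part of the original advisory or of any IBM or SPI Dynamics code, shows two checks a practitioner can run: a classifier that tells rendered page output apart from leaked JSP source (by looking for JSP directives, scriptlets and jsp: actions, which never survive compilation), and a scan over access-log lines that flags 200 responses to .jsp paths whose Host header is not one of the site's configured hostnames. The log format (combined log with the Host header appended via %{Host}i), the hostnames and every log line and response body are constructed for the example.

```python
import re
from typing import Dict, Iterable, List

# Markers that appear only in unrendered JSP source, never in the HTML a
# servlet container emits after compiling the page.
JSP_MARKERS = (
    re.compile(r"<%@\s*(page|include|taglib)\b"),  # JSP directives
    re.compile(r"<%[=!]?"),                         # scriptlets / expressions / declarations
    re.compile(r"<jsp:[A-Za-z]+"),                  # jsp:useBean, jsp:include, ...
)


def looks_like_jsp_source(body: str) -> bool:
    """True if an HTTP response body looks like raw JSP source rather than rendered output."""
    return any(marker.search(body) for marker in JSP_MARKERS)


# Constructed log format (assumption, not from the advisory):
# Apache-style  %h [%t] "%r" %>s %b "%{Host}i"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<host>[^"]*)"$'
)


def find_unknown_host_jsp_hits(lines: Iterable[str], allowed_hosts: Iterable[str]) -> List[Dict[str, str]]:
    """Return log entries where a .jsp path was served with 200 to a Host value
    that is not one of the configured virtual hosts. Such entries are the
    web-server-side footprint of the condition described in the advisory."""
    allowed = {h.lower() for h in allowed_hosts}
    hits: List[Dict[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore lines that do not match the expected format
        host = m.group("host").split(":")[0].lower()   # strip a :port suffix
        path = m.group("path").split("?")[0]           # strip the query string
        if path.lower().endswith(".jsp") and m.group("status") == "200" and host not in allowed:
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"), "path": path, "host": host})
    return hits


# Constructed sample data for a stand-alone run.
RENDERED_BODY = "<html><body><h1>Welcome</h1><p>Hello, guest.</p></body></html>"
LEAKED_BODY = (
    '<%@ page language="java" contentType="text/html" %>\n'
    "<html><body><% out.println(request.getRemoteAddr()); %></body></html>"
)

SAMPLE_LOG = [
    '10.0.0.5 [13/Apr/2005:10:00:01 -0400] "GET /index.jsp HTTP/1.0" 200 5120 "www.example.test"',
    '10.0.0.9 [13/Apr/2005:10:00:07 -0400] "GET /index.jsp HTTP/1.0" 200 2210 "NonExistentHost"',
    '10.0.0.9 [13/Apr/2005:10:00:09 -0400] "GET /logo.gif HTTP/1.0" 200 912 "NonExistentHost"',
    '10.0.0.9 [13/Apr/2005:10:00:12 -0400] "GET /admin.jsp HTTP/1.1" 404 310 "nonexistenthost"',
]

if __name__ == "__main__":
    print("rendered body flagged:", looks_like_jsp_source(RENDERED_BODY))
    print("leaked body flagged:  ", looks_like_jsp_source(LEAKED_BODY))
    for hit in find_unknown_host_jsp_hits(SAMPLE_LOG, ["www.example.test"]):
        print("suspicious:", hit)
```

The log check is deliberately narrow: a 404 or a request for a static file with an unknown Host is not interesting here, only a successful 200 for a .jsp path. Running the body classifier against what the web server actually returns for such a request, before and after applying the workaround in the Solution section, confirms whether the JSP source is still reachable outside the application server.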

The vendor has been notified.

SPI Dynamics discovered and reported this vulnerability.

Impact:   A remote user can obtain JSP source code in certain configurations.
Solution:   No solution was available at the time of this entry.

As a workaround, the report indicates that you can move the application server's JSP source to a directory that is located outside of the web server document root.

Vendor URL:  www.ibm.com/
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.


Source Message Contents:   [Original Message Not Available for Viewing]


Copyright 2019, SecurityGlobal.net LLC