February 22, 2002

Debian Security: gnujsp

Author: JT Smith

Debian: "Thomas Springer found a vulnerability in GNUJSP, a Java servlet that allows you to insert Java source code into HTML files. The problem can be used to bypass access restrictions in the web server. An attacker can view the contents of directories and download files directly rather then receiving their HTML output. This means that the source code of scripts could also be revealed." Details here.


  • Linux
Click Here!