fyi. -jon ---------- From: lovehacker <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Mon, 2 Apr 2001 03:56:51 -0000 To: [EMAIL PROTECTED] Subject: Re: CHINANSL Security Advisory(CSA-200109) HI Sverre: Thanks your reply. your website is very nice. Today,I download Tomcat 4.0-b2 but it still can reveal script source code by special URL. please see CHINANSL Security Advisory (CSA- 200110). thanks again. lovehacker All Rights Reserved. http://www.chinansl.com [EMAIL PROTECTED] > [lovehacker] > > | Topic:Tomcat 4.0-b1 for winnt/2000 show ".jsp" > | source Vulnerability. [...] > > | exploits: > | http://target:8080/examples/snp/snoop%2ejsp > > This is the same problem I reported a few days ago. It has already > been fixed in Tomcat 4.0 beta 2. > > > Sverre. > > -- > <URL:mailto:[EMAIL PROTECTED]> > <URL:http://shh.thathost.com/> > >
