Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2003-0043 | First vendor Publication | 2003-02-07 |
Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for Tomcat HPSBUX00249 File : nvt/gb_hp_ux_HPSBUX00249.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 246-1 (tomcat) File : nvt/deb_246_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12231 | Apache Tomcat web.xml Arbitrary File Access Jakarta Tomcat contains a flaw that may lead to an unauthorized information disclosure. The issue is due to an error when using trusted privileges to process the web.xml file. This flaw may allow a remote attacker to use web.xml to read arbitrary files in the web server, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-246.nasl - Type : ACT_GATHER_INFO |
2003-03-22 | Name : The remote web server is affected by an information disclosure vulnerability. File : tomcat_directory_listing_and_file_disclosure.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:56 |
|
2021-04-22 01:02:06 |
|
2020-05-23 00:15:20 |
|
2017-10-10 09:23:25 |
|
2014-02-17 10:25:44 |
|
2013-05-11 11:50:20 |
|