|
![]() |
名片设计 CorelDRAW Illustrator AuotoCAD Painter 其他软件 Photoshop Fireworks Flash |
|
bugtraq id 1328 class Design Error cve CVE-2000-0499 remote Yes local Yes published June 08, 2000 updated November 10, 2000 vulnerable BEA Systems Weblogic 4.5.1 - Microsoft Windows NT 4.0 BEA Systems Weblogic 4.0.4 - Microsoft Windows NT 4.0 BEA Systems Weblogic 3.1.8 - Microsoft Windows NT 4.0 IBM Websphere Application Server 3.0.21 - Sun Solaris 8.0 - Microsoft Windows NT 4.0 - Linux kernel 2.3.x - IBM AIX 4.3 Unify eWave ServletExec 3.0 - Sun Solaris 8.0 - Microsoft Windows 98 - Microsoft Windows NT 4.0 - Microsoft Windows NT 2000 - Linux kernel 2.3.x - IBM AIX 4.3.2 - HP HP-UX 11.4 Many webservers are case-sensitive, but do not have all possible combinations of cases in mapped extensions mapped properly. By changing the letters in a JSP or a JHTML file extension from lower case to upper case (eg: .jsp or .jhtml becomes .JSP or .JHTML) in a URL the server does not recognize the file extension and sends the file normally. In that manner, a user is able to access the source code to those specific files. 返回类别: 教程 上一教程: 我认为JSP有问题(下) 下一教程: 利用Spring MVC轻松实现页面缓存 您可以阅读与"多中WEB服务器的通用JSp源代码暴露漏洞"相关的教程: · IBM WebSphere源代码暴露漏洞 · JSP多种web应用服务器导致JSP源码泄漏漏洞 · IBM WebSphere Application Server 3.0.2 存在暴露源代码漏洞 · BEA WebLogic 暴露源代码漏洞 · 在LINUX上架设支持JSP+PHP的WEB服务器 |
![]() ![]() |
快精灵印艺坊 版权所有 |
首页![]() ![]() ![]() ![]() ![]() ![]() ![]() |