JSP Source Code leakage vulnerability caused by multiple web application servers

JSP Source Code leakage vulnerability caused by multiple web application servers

Author: Zoomlion Chinese: Unknown: jsper

Affected Systems:
BEA Systems WebLogic 4.5.1

-Microsoft Windows NT 4.0

BEA Systems WebLogic 4.0.4

-Microsoft Windows NT 4.0

BEA Systems WebLogic 3.1.8

-Microsoft Windows NT 4.0

IBM WebSphere Application Server 3.0.21

-Sun Solaris 8.0

-Microsoft Windows NT 4.0

-Linux kernel 2.3.x

-Ibm aix 4.3

Unify ewave ServletExec 3.0

-Sun Solaris 8.0

-Microsoft Windows 98

-Microsoft Windows NT 4.0

-Microsoft Windows NT 2000

-Linux kernel 2.3.x

-Ibm aix 4.3.2

-HP HP-UX 11.4

Description:

--------------------------------------------------------------------------------

Many webservers are case sensitive, but the case-sensitive ing of suffixes is not properly processed. As long as the suffix of the JSP or JHTML file is converted from small to uppercase in the URL, the web server cannot correctly process the file suffix and display it as plain text. Attackers may obtain theseProgramOfSource code.

<* Source: stuart.mcclure@FOUNDSTONE.COM *>

--------------------------------------------------------------------------------

Suggestion:

Unify ewave ServletExec:

Unify says the default installed servlet will not leak the sourceCode

BEA Systems WebLogic:

Temporary solution:

Add handler to all possible case suffixes:

. Jsp file:

. Jsp

. JHTML file:

. Jhtml

. Jhtml

. Jhtml

. Jhtml

The vendor has provided a patch for Version 3.1.8, which can be downloaded at the following address:

Ftp://ftpna.beasys.com/pub/releases/318/caseSensitiveNTFix318.zip

IBM WebSphere Application Server:

IBM has provided corresponding patches:

Http://www-4.ibm.com/software/webservers/appserv/efix.html

Updated on: 2000-07-12 from: Green Corps