Apache Jakarta-Tomcat /admin Context Vulnerability

Bugtraq ID:	1548
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Jul 20 2000 12:00AM
Updated:	Jul 20 2000 12:00AM
Credit:	This vulnerability was posted to the Bugtraq mailing list on July 20, 2000 by Scott Morris <[email protected]>
Vulnerable:	Apache Tomcat 3.1 - BSDI BSD/OS 4.0 - Caldera OpenLinux 2.4 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.0 - Mandriva Linux Mandrake 7.1 - Mandriva Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4.1 x86 - Redhat Linux 6.2 i386 - Redhat Linux 6.1 i386 - SGI IRIX 6.5 - SGI IRIX 6.4 - Sun Solaris 8_sparc - Sun Solaris 7.0 Apache Tomcat 3.0 - BSDI BSD/OS 4.0 - Caldera OpenLinux 2.4 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.0 - Mandriva Linux Mandrake 7.1 - Mandriva Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4 x86 - Redhat Linux 6.2 i386 - Redhat Linux 6.1 i386 - SGI IRIX 6.5 - SGI IRIX 6.4 - Sun Solaris 8_sparc - Sun Solaris 7.0
Not Vulnerable:

Apache Jakarta-Tomcat /admin Context Vulnerability

See discusssion for exploit information.

Apache Jakarta-Tomcat /admin Context Vulnerability

Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].