Description

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.

Remediation

References

CVE-2000-0760

Related Vulnerabilities

WebLogic Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-8908)

WordPress Plugin Church Admin Cross-Site Scripting (0.856)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3848)

Magento Incorrect Authorization Vulnerability (CVE-2020-9587)

Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.3)

Severity

Medium

Classification

CVE-2000-0760

Tags

Missing Update Known Vulnerabilities