Intrusion Prevention

HTTP.Tomcat.ContextAdmin.Access

Description

This indicates a possible attempt to exploit an access vulnerability in Jakarta Tomcat.
Jakarta Tomcat contains a vulnerability that could allow an attacker to read arbitrary files. Tomcat does not restrict access to the /admin context, so an attacker can call administrative servlets to add a context for the root directory. That would allow the attacker to read files with the permissions of the account running Tomcat.
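
One way to review web server access logs for the behaviour described above, as an added example that is not part of the original advisory or of any vendor signature: it flags requests to the /admin context from sources outside an allowlist. The Common Log Format input, the loopback-only allowlist, the function names and the sample log lines are assumptions made for illustration.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Assumption: only loopback may reach the admin context; adjust for your site.
ALLOWED_SOURCES = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("::1/128")]
# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def normalize_path(target):
    """Canonicalize a request target so encoded, doubled-slash and dot-segment forms compare equal."""
    path = re.sub(r"^[A-Za-z][A-Za-z0-9+.-]*://[^/]*", "", target)  # absolute-URI form
    path = path.split("?", 1)[0].split("#", 1)[0] or "/"
    for _ in range(3):  # undo up to three layers of percent-encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = re.sub(r"/+", "/", path)
    # Lowercasing over-matches on case-sensitive hosts, which is acceptable for detection.
    return posixpath.normpath(path).lower()

def source_allowed(host):
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:  # hostname logged instead of an address: treat as untrusted
        return False
    return any(addr in net for net in ALLOWED_SOURCES)

def find_admin_access(lines):
    """Return (source, method, normalized_path, status) for /admin requests from untrusted sources."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue
        host, method, target, status = m.groups()
        path = normalize_path(target)
        if (path == "/admin" or path.startswith("/admin/")) and not source_allowed(host):
            hits.append((host, method, path, int(status)))
    return hits

# Constructed sample log lines (documentation address ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /index.html HTTP/1.0" 200 1024',
    '198.51.100.7 - - [01/Jan/2001:10:00:05 +0000] "GET /admin/ HTTP/1.0" 200 512',
    '127.0.0.1 - - [01/Jan/2001:10:00:09 +0000] "GET /admin/ HTTP/1.0" 200 512',
    '203.0.113.5 - - [01/Jan/2001:10:00:12 +0000] "GET /examples/../%61dmin/constructed-page HTTP/1.0" 200 2048',
    '192.0.2.10 - - [01/Jan/2001:10:00:20 +0000] "GET /administrator.html HTTP/1.0" 404 0',
]
```
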

Affected Products

Apache Software Foundation Tomcat 3.0 - 3.1

Impact

Disclosure or modification of sensitive data.

Recommended Actions

Apply the appropriate patch from the vendor, or upgrade to a non-vulnerable version if available.

CVE References

CVE-2000-0672