CVE-2000-0759: Infoleak
First published: Thu Sep 21 2000(Updated: )
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/org.apache.tomcat:tomcat | <=3.1 | |
| Apache Tomcat | =3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2000-0759
- https://github.com/advisories/GHSA-qg4g-6jcq-rw93 (Advisory)
- http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719184401.17782A-100000@grex.cyberspace.org
- http://www.securityfocus.com/bid/1531
- http://www.iss.net/security_center/static/4967.php
- http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719184401.17782A-100000%40grex.cyberspace.org
Frequently Asked Questions
What is the severity of CVE-2000-0759?
CVE-2000-0759 is considered to be a moderate severity vulnerability due to its potential to expose sensitive information.
How do I fix CVE-2000-0759?
To fix CVE-2000-0759, upgrade Jakarta Tomcat to a version higher than 3.1 that does not reveal physical path information.
What kind of information is disclosed by CVE-2000-0759?
CVE-2000-0759 discloses file system path information when a non-existent URL is requested.
Who is affected by CVE-2000-0759?
CVE-2000-0759 affects users running Jakarta Tomcat version 3.1.
What can attackers do with the information from CVE-2000-0759?
Attackers can use the disclosed physical path information from CVE-2000-0759 to facilitate further attacks on the server.
- collector/github-advisory-latest
- alias/GHSA-qg4g-6jcq-rw93
- alias/CVE-2000-0759
- collector/github-advisory
- collector/nvd-historical
- collector/nvd-index
- collector/nvd-cve
- collector/nvd-api
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/maven
- vendor/apache
- canonical/apache tomcat
- version/apache tomcat/3.1