Rapid7 Vulnerability & Exploit Database

Caucho Resin WEB-INF Directory Traversal

Back to Search

Caucho Resin WEB-INF Directory Traversal

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
05/14/2007
Created
07/25/2018
Added
07/09/2007
Modified
02/13/2015

Description

Caucho Resin for Windows contains a vulnerability which would allow an attacker to read sensitive server information from the WEB-INF directory, which usually contains server configuration files and compiled java source code. An attacker could use the information obtained using the data in this directory to mount attacks against backend databases or file systems, or steal intellectual property.

Solution(s)

  • upgrade-caucho-resin-3_1_1

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;