Lucene search
HistoryOct 20, 2000 - 4:00 a.m.
CVE-2000-0760
cve-2000-0760
snoop servlet
jakarta tomcat
apache
sensitive information leak
nvd
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.062 Low
EPSS
Percentile
93.6%
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
Affected configurations
Node
apachetomcatMatch3.0
ORapachetomcatMatch3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:tomcat | apache tomcat | eq | 3.0 |
| apache:tomcat | apache tomcat | eq | 3.1 |
Related
nessus
nessus
Apache Tomcat Snoop Servlet Remote Information Disclosure
2000-07-22 00:00:00
cvelist
cvelist
CVE-2000-0760
2000-09-21 04:00:00
nvd
nvd
CVE-2000-0760
2000-10-20 04:00:00
tomcat
tomcat
Fixed in Apache Tomcat 3.3a
2000-09-19 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.062 Low
EPSS
Percentile
93.6%
Related for CVE-2000-0760