Path Disclosure Vulnerability in NewAtlanta ServletExec ISAPI 4.1

Path Disclosure Vulnerability in NewAtlanta ServletExec ISAPI 4.1

CVE-2002-0892 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

Learn more about our Web App Pen Testing.