http/misconfiguration/tomcat-scripts.yaml

id: tomcat-scripts

info:
  name: Apache Tomcat Example Scripts - Detect
  author: Co0nan,Higor Melgaço
  severity: info
  description: Multiple Apache Tomcat example scripts were detected.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/apache-tomcat-examples-directory-vulnerabilities/
    - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    max-request: 8
  tags: apache,tomcat,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/servlets/index.html"
      - "{{BaseURL}}/examples/jsp/index.html"
      - "{{BaseURL}}/examples/websocket/index.xhtml"
      - "{{BaseURL}}/examples/servlets/servlet/SessionExample"
      - "{{BaseURL}}/..;/examples/servlets/index.html"
      - "{{BaseURL}}/..;/examples/jsp/index.html"
      - "{{BaseURL}}/..;/examples/websocket/index.xhtml"
      - "{{BaseURL}}/..;/examples/servlets/servlet/SessionExample"

    matchers:
      - type: word
        words:
          - "JSP Examples"
          - "JSP Samples"
          - "Servlets Examples"
          - "WebSocket Examples"
          - "GET based form"
        condition: or
# digest: 4b0a00483046022100aac6a63aa0518f6565482b805dd6bd9c63c1511d18c58544b66602717d62b34f022100cb0fee4015875fccd6a652e0d97a0540fe530be1d47e39cd1019c83d506b1f04:922c64590222798bb761d5b6d8e72950
added Tomcat Exposed Scripts detection 2020-06-20 16:02:29 +05:30			`id: tomcat-scripts`

			`info:`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 16:28:23 -05:00			`name: Apache Tomcat Example Scripts - Detect`
Path - updates 2023-04-21 17:24:57 +05:30			`author: Co0nan,Higor Melgaço`
severity updates 2020-09-20 18:27:43 +05:30			`severity: info`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 16:28:23 -05:00			`description: Multiple Apache Tomcat example scripts were detected.`
Path - updates 2023-04-21 17:24:57 +05:30			`reference:`
			`- https://www.acunetix.com/vulnerabilities/web/apache-tomcat-examples-directory-vulnerabilities/`
			`- https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks/`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 16:28:23 -05:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
templateman update 2023-10-14 16:57:55 +05:30			`cvss-score: 0`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 16:28:23 -05:00			`cwe-id: CWE-200`
Added max request counter of each template 2023-04-28 13:41:21 +05:30			`metadata:`
			`max-request: 8`
templateman update 2023-10-14 16:57:55 +05:30			`tags: apache,tomcat,misconfig`
added Tomcat Exposed Scripts detection 2020-06-20 16:02:29 +05:30
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 09:58:59 +05:30			`http:`
added Tomcat Exposed Scripts detection 2020-06-20 16:02:29 +05:30			`- method: GET`
			`path:`
			`- "{{BaseURL}}/examples/servlets/index.html"`
			`- "{{BaseURL}}/examples/jsp/index.html"`
Update tomcat-scripts.yaml Fix spaces 2020-08-18 23:37:24 -05:00			`- "{{BaseURL}}/examples/websocket/index.xhtml"`
Path - updates 2023-04-21 17:24:57 +05:30			`- "{{BaseURL}}/examples/servlets/servlet/SessionExample"`
Update tomcat-scripts.yaml Add websocket url and Orange-Tsai Path Normalization trick 2020-08-18 23:33:05 -05:00			`- "{{BaseURL}}/..;/examples/servlets/index.html"`
			`- "{{BaseURL}}/..;/examples/jsp/index.html"`
Update tomcat-scripts.yaml Fix spaces 2020-08-18 23:37:24 -05:00			`- "{{BaseURL}}/..;/examples/websocket/index.xhtml"`
Path - updates 2023-04-21 17:24:57 +05:30			`- "{{BaseURL}}/..;/examples/servlets/servlet/SessionExample"`
Apache Tomcat Template improvements (#3446) * Improved Tomcat matchers / extractors / paths * removed duplicate detections / matchers * removed duplicate template * Added missing tomcat tags 2021-12-29 19:10:59 +05:30
added Tomcat Exposed Scripts detection 2020-06-20 16:02:29 +05:30			`matchers:`
			`- type: word`
			`words:`
			`- "JSP Examples"`
			`- "JSP Samples"`
			`- "Servlets Examples"`
Update tomcat-scripts.yaml Add websocket url and Orange-Tsai Path Normalization trick 2020-08-18 23:33:05 -05:00			`- "WebSocket Examples"`
Path - updates 2023-04-21 17:24:57 +05:30			`- "GET based form"`
Apache Tomcat Template improvements (#3446) * Improved Tomcat matchers / extractors / paths * removed duplicate detections / matchers * removed duplicate template * Added missing tomcat tags 2021-12-29 19:10:59 +05:30			`condition: or`
chore: sign templates 🤖 2024-12-01 13:57:55 +00:00			`# digest: 4b0a00483046022100aac6a63aa0518f6565482b805dd6bd9c63c1511d18c58544b66602717d62b34f022100cb0fee4015875fccd6a652e0d97a0540fe530be1d47e39cd1019c83d506b1f04:922c64590222798bb761d5b6d8e72950`