JSPs and Servlets vulnerability in Cabi 3.3

Document ID : KB000048458
Last Modified Date : 14/02/2018

Description:

When performing a security assessment with Nessus, the following finding is reported for files under the Apache Tomcat directory.

Vulnerability:

Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP directories

Recommendation:

Review the files and delete those that are not needed.

/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html

Path of the files:

/opt/CA/SharedComponents/CommonReporting3/bobje/enterprise120/warfiles/WebApps/examples/jsp/snp/snoop.jsp
/opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/snp/snoop.jsp
/opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/index.html
/opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/servlets/index.html

Solution:

These files can be deleted manually on the Cabi server by following the procedure below.

Vulnerability:

The example servlet/JSP files may disclose information about the web server installation, such as the Tomcat version and build details. An attacker can use this information to look for vulnerabilities specific to that version.

There is no CVE number for this specific information.

Solution:

  1. Log on to the Cabi server and stop the Apache Tomcat service.

  2. Make sure you back up both the examples and work directories under the tomcat6 directory of the BOXI installation folder before deleting anything.

  3. Remove the examples directory.

  4. Remove the work directory.

  5. Start the Apache Tomcat service.

Check that InfoView is active and that all reports are functioning properly.
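The backup-and-remove steps above (2 to 4), as an added shell example that is not part of this CA document; it assumes TOMCAT_HOME points at the bobje/tomcat directory of the Cabi installation and that the Tomcat service is already stopped:

```shell
#!/bin/sh
# Added example (not from the CA article): back up Tomcat's "examples" web
# application and its "work" cache into a dated archive location, delete both,
# then verify that no example JSP/servlet files remain on disk.
# Assumption: TOMCAT_HOME is the bobje/tomcat directory of the Cabi install.
TOMCAT_HOME="${TOMCAT_HOME:-/opt/CA/SharedComponents/CommonReporting3/bobje/tomcat}"
BACKUP_DIR="${BACKUP_DIR:-/var/tmp/cabi-tomcat-backup-$(date +%Y%m%d)}"

# Archive each directory as <name>.tar in the backup location before removing it.
# Anything missing is skipped so the script is safe to re-run.
backup_and_remove() {
    tomcat="$1"
    backup="$2"
    mkdir -p "$backup"
    for d in webapps/examples work; do
        if [ -d "$tomcat/$d" ]; then
            tar -cf "$backup/$(basename "$d").tar" -C "$tomcat" "$d"
            rm -rf "$tomcat/$d"
        fi
    done
}

# Returns success only when the files Nessus reports (snoop.jsp and the
# examples index pages) are gone along with the whole examples directory.
examples_removed() {
    tomcat="$1"
    [ ! -e "$tomcat/webapps/examples/jsp/snp/snoop.jsp" ] && \
    [ ! -e "$tomcat/webapps/examples/servlets/index.html" ] && \
    [ ! -d "$tomcat/webapps/examples" ]
}

# Only act on the real installation when explicitly asked (./cleanup.sh --apply).
if [ "${1:-}" = "--apply" ]; then
    backup_and_remove "$TOMCAT_HOME" "$BACKUP_DIR"
    examples_removed "$TOMCAT_HOME" && echo "examples removed; backups in $BACKUP_DIR"
fi
```

Tomcat recreates the work directory (its compiled-JSP cache) on the next start, so the first request to each report page after step 5 is slower while the JSPs are recompiled.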