During a security assessment with Nessus, the following vulnerable files are reported under the Apache Tomcat directory.
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP directories.
Review the files and delete those that are not needed.
Path of the files:
- /opt/CA/SharedComponents/CommonReporting3/bobje/enterprise120/warfiles/WebApps/examples/jsp/snp/snoop.jsp
- /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/snp/snoop.jsp
- /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/index.html
- /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/servlets/index.html
These files can be deleted manually on the Cabi server by following the procedure below.
The servlet/JSP container files may help an attacker uncover information about the web server installation, such as version, compilation etc. Using this information, the attacker can try to exploit specific vulnerabilities.
There is no CVE number for this specific information.
- Log on to the Cabi server. Stop the Apache Tomcat service.
- Make sure you back up both the examples and work directories under the tomcat6 directory of the Boxi installation folder before deleting.
- Remove the examples directory.
- Remove the work directory.
- Start the Apache Tomcat service.
Check if the Infoview is active and that all the reports are functioning properly.
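
The backup and removal steps of the procedure above as a shell function, an added example and not CA's own tooling. The function name `remove_tomcat_examples`, its two arguments and the archive file name are assumptions; stopping and starting the Tomcat service stay manual because the service name depends on the installation.

```shell
#!/bin/sh
# Added example: back up, then remove, the Tomcat "examples" and "work"
# directories. Run it only while the Tomcat service is stopped.
# The function name and its arguments are names chosen for this example.

# usage: remove_tomcat_examples <tomcat_dir> <backup_dir>
remove_tomcat_examples() {
    tomcat_dir=$1
    backup_dir=$2
    examples="$tomcat_dir/webapps/examples"
    work="$tomcat_dir/work"

    # Refuse to act on anything that does not look like a Tomcat directory.
    if [ -z "$tomcat_dir" ] || [ -z "$backup_dir" ] || [ ! -d "$tomcat_dir/webapps" ]; then
        echo "usage: remove_tomcat_examples <tomcat_dir> <backup_dir>" >&2
        return 2
    fi

    mkdir -p "$backup_dir" || return 1
    archive="$backup_dir/tomcat-examples-work-$(date +%Y%m%d%H%M%S).tar"

    # Archive only the directories that exist (a re-run may find them gone).
    set --
    [ -d "$examples" ] && set -- "$@" webapps/examples
    [ -d "$work" ] && set -- "$@" work
    if [ $# -eq 0 ]; then
        echo "nothing to remove under $tomcat_dir" >&2
        return 0
    fi

    # Delete nothing unless the backup was written and lists cleanly.
    tar -cf "$archive" -C "$tomcat_dir" "$@" || return 1
    tar -tf "$archive" >/dev/null || return 1

    rm -rf -- "$examples" "$work"
    echo "backup: $archive"
}
```

Source the file and call the function with the Tomcat directory of the installation and a backup location outside the Tomcat tree.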