VYPR

Jserv

by Apache

CVEs (1)

  • CVE-2000-1247Oct 5, 2011
    risk 0.00cvss epss 0.01

    The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.