
Exploit for Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure (CVE-2010-1429)

Description:

Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about “deployed web contexts” via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
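To check whether the status servlet has already been queried this way, web access logs can be searched for the request described above. The following is an added example, not part of the Nuclei template or the original page; it assumes combined-format access logs and a servlet mapped at a path ending in /status, and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Combined log format: ip ... "METHOD target HTTP/x.y" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) '
)

def status_servlet_hits(lines):
    """Return (ip, target, http_status, exposed) for every request to a
    status servlet path that carries full=true in its query string."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # Assumption: the servlet is mapped at a path whose last segment is "status".
        last_segment = unquote(url.path).rstrip("/").rsplit("/", 1)[-1]
        if last_segment.lower() != "status":
            continue
        # parse_qs percent-decodes; matching is deliberately case-insensitive.
        params = {k.lower(): [v.lower() for v in vs]
                  for k, vs in parse_qs(url.query).items()}
        if "true" not in params.get("full", []):
            continue
        code = int(m.group("status"))
        # A 200 means the full status page was served; 401/403 means it is protected.
        hits.append((m.group("ip"), m.group("target"), code, code == 200))
    return hits

# Constructed sample log lines (documentation address ranges).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /status?full=true HTTP/1.1" 200 18234',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /status?full=true HTTP/1.1" 401 512',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /app/index.jsp?full=true HTTP/1.1" 200 900',
    '198.51.100.8 - - [01/Jan/2024:10:02:00 +0000] "GET /status HTTP/1.1" 200 1200',
    '198.51.100.9 - - [01/Jan/2024:10:03:00 +0000] "GET /status?full=TRUE HTTP/1.1" 200 17000',
]

if __name__ == "__main__":
    for ip, target, code, exposed in status_servlet_hits(SAMPLE):
        print(f"{ip} {target} -> {code} {'EXPOSED' if exposed else 'blocked'}")
```
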

Nuclei Template

View the template here CVE-2010-1429.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2010/CVE-2010-1429.yaml

References:

http://securitytracker.com/id?1023918
http://marc.info/?l=bugtraq&m=132698550418872&w=2
https://nvd.nist.gov/vuln/detail/CVE-2008-3273
https://rhn.redhat.com/errata/RHSA-2010-0377.html
https://nvd.nist.gov/vuln/detail/CVE-2010-1429