CVE-2000-0760

NUCLEI

Jakarta Tomcat <3.1-3.0 - Info Disclosure

Title source: llm

Description

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.

Exploits (1)

exploitdb WRITEUP VERIFIED

by ET LoWNOISE · textremotemultiple

https://www.exploit-db.com/exploits/20132

View Code ZIP pw:eip

Nuclei Templates (1)

Jakarta Tomcat 3.1 and 3.0 - Information Disclosure

MEDIUMVERIFIEDby Thabisocn,0x_Akoko

Shodan: cpe:"cpe:2.3:a:apache:tomcat" || http.component:"apache tomcat" || product:"tomcat"

FOFA: body="apache tomcat" || body="jk status manager"

References (2)

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/1532

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000%40grex.cyberspace.org

Scores

EPSS 0.4240

EPSS Percentile 97.5%

Details

Status published

Products (2)

apache/tomcat 3.0

apache/tomcat 3.1

Published Oct 20, 2000

Tracked Since Feb 18, 2026