mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-11 16:47:12 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2015-2080
Description
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
POC
Reference
- http://packetstormsecurity.com/files/130567/Jetty-9.2.8-Shared-Buffer-Leakage.html
- http://seclists.org/fulldisclosure/2015/Mar/12
- https://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html
Github
- https://github.com/3llio0T/Active-
- https://github.com/6a6f6a6f/CVE-2015-2080
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Anonymous-Phunter/PHunter
- https://github.com/CGCL-codes/PHunter
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/LibHunter/LibHunter
- https://github.com/albinowax/ActiveScanPlusPlus
- https://github.com/cranelab/webapp-tech
- https://github.com/ilmila/J2EEScan
- https://github.com/ronoski/j2ee-rscan