Sun Java Web Server 1.1 Beta Viewable .jhtml Source Vulnerability

Exploit Datenbank (exploit-db.com)
CVE Datenbank (cve.mitre.org)
OSVDB Datenbank (osvdb.org)
Javier Perez 16.07.1997 Verified
Remote Exploits Windows

Exploit Code

Code Download 
source: http://www.securityfocus.com/bid/1891/info

A vulnerability exists in Sun Microsystems' JavaWebServer for Win32, version 1.1Beta. JavaWebServer is a Java-oriented web application development platform.

If a URL is submitted requesting a .jhtml file (an HTML document with embedded Java source) and a '.' or '/' character is appended to the filename, the source for that .jhtml file will be returned to the client, rather than being compiled on the server. As a result, system information which is not intended for disclosure to the client, such as database usernames and passwords, resource locations, website and network structure and business models, may be obtained by the attacker. As well as its inherent sensitivity, this type of information could potentially be used to implement other attacks on the host.

http://localhost/xyz.jhtml. 

or 

http://localhost/xyz.jhtml\