Apache Tomcat 4.1.0,4.1.37,5.5.0,5.5.26 directory traversal

2010.02.28

Credit: none

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Vulnerability description:
An input validation error can be exploited to download arbitrary files via directory traversal attacks. 

Successful exploitation requires that a context is configured with allowLinking="true" and that the connector is configured with URIEncoding="UTF-8". 

Affected versions 4.1.0 to 4.1.37, 5.5.0 to 5.5.26.
Affected items
test : http://127.0.0.1:7021/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
The impact of this vulnerability
The remote atacker can download arbitrary files via directory traversal attacks.

How to fix this vulnerability
The problem was fixed in the SVN.

Web references
Apache Tomcat 5.x vulnerabilities :=> http://tomcat.apache.org/security-5.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Apache Tomcat 4.1.0,4.1.37,5.5.0,5.5.26 directory traversal

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.