Detections
Analytics

Apache Tomcat 5.x < 5.5.22 / 6.0.x < 6.0.10 Directory Traversal Arbitrary File Access

medium Nessus Network Monitor Plugin ID 3949

Synopsis

The remote host is vulnerable to a directory traversal flaw.

Description

According to its self-reported version number, the Apache Tomcat instance listening on the remote host is prior to 6.0.10. It is, therefore, affected by the following vulnerability :

- A directory traversal vulnerability exists in Tomcat due to improper handling of certain path delimiters when behind a proxy. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server's restricted path.

Solution

Upgrade to version 5.5.23, 6.0.10 or higher.

See Also

http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.22,_5.0.SVN,http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10

Plugin Details

Severity: Medium

ID: 3949

Family: Web Servers

Published: 3/14/2007

Updated: 3/6/2019

Nessus ID: 43623

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:apache:tomcat

Patch Publication Date: 2/28/2007

Vulnerability Publication Date: 2/28/2007

Reference Information

CVE: CVE-2007-0450

BID: 22960