CVE-2007-1860

MEDIUM

Description

mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.

References

http://docs.info.apple.com/article.html?artnum=306172

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

http://secunia.com/advisories/25383

http://secunia.com/advisories/25701

http://secunia.com/advisories/26235

http://secunia.com/advisories/26512

http://secunia.com/advisories/27037

http://secunia.com/advisories/29242

http://security.gentoo.org/glsa/glsa-200708-15.xml

http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1

http://tomcat.apache.org/security-jk.html

http://www.debian.org/security/2007/dsa-1312

http://www.osvdb.org/34877

http://www.redhat.com/support/errata/RHSA-2007-0379.html

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.securityfocus.com/bid/24147

http://www.securityfocus.com/bid/25159

http://www.securitytracker.com/id?1018138

http://www.vupen.com/english/advisories/2007/1941

http://www.vupen.com/english/advisories/2007/2732

http://www.vupen.com/english/advisories/2007/3386

https://exchange.xforce.ibmcloud.com/vulnerabilities/34496

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6002

Details

Source: MITRE

Published: 2007-05-25

Updated: 2019-04-15

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat_jk_web_server_connector:*:*:*:*:*:*:*:* versions up to 1.2.22 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
43837RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)NessusRed Hat Local Security Checks
critical
43835RHEL 4 : Satellite Server (RHSA-2008:0261)NessusRed Hat Local Security Checks
critical
41198SuSE9 Security Update : Tomcat (YOU Patch Number 12078)NessusSuSE Local Security Checks
medium
31338openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4997)NessusSuSE Local Security Checks
medium
31319openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)NessusSuSE Local Security Checks
medium
31298SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 4990)NessusSuSE Local Security Checks
medium
25921GLSA-200708-15 : Apache mod_jk: Directory traversalNessusGentoo Local Security Checks
medium
25830Mac OS X Multiple Vulnerabilities (Security Update 2007-007)NessusMacOS X Local Security Checks
critical
25556Debian DSA-1312-1 : libapache-mod-jk - programming errorNessusDebian Local Security Checks
medium
25427FreeBSD : mod_jk -- information disclosure (d9405748-1342-11dc-a35c-001485ab073e)NessusFreeBSD Local Security Checks
medium