CVE-2008-2938

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.

References

http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

http://marc.info/?l=bugtraq&m=123376588623823&w=2

http://secunia.com/advisories/31639

http://secunia.com/advisories/31865

http://secunia.com/advisories/31891

http://secunia.com/advisories/31982

http://secunia.com/advisories/32120

http://secunia.com/advisories/32222

http://secunia.com/advisories/32266

http://secunia.com/advisories/33797

http://secunia.com/advisories/37297

http://securityreason.com/securityalert/4148

http://support.apple.com/kb/HT3216

http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm

http://tomcat.apache.org/security-4.html

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://www.kb.cert.org/vuls/id/343355

http://www.mandriva.com/security/advisories?name=MDVSA-2008:188

http://www.redhat.com/support/errata/RHSA-2008-0648.html

http://www.redhat.com/support/errata/RHSA-2008-0862.html

http://www.redhat.com/support/errata/RHSA-2008-0864.html

http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt

http://www.securityfocus.com/archive/1/495318/100/0/threaded

http://www.securityfocus.com/archive/1/507729/100/0/threaded

http://www.securityfocus.com/bid/30633

http://www.securityfocus.com/bid/31681

http://www.securitytracker.com/id?1020665

http://www.vupen.com/english/advisories/2008/2343

http://www.vupen.com/english/advisories/2008/2780

http://www.vupen.com/english/advisories/2008/2823

http://www.vupen.com/english/advisories/2009/0320

https://exchange.xforce.ibmcloud.com/vulnerabilities/44411

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587

https://www.exploit-db.com/exploits/6229

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html

Details

Source: MITRE

Published: 2008-08-13

Updated: 2019-03-25

Type: CWE-22

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
67733Oracle Linux 5 : tomcat (ELSA-2008-0648)NessusOracle Linux Local Security Checks
medium
63868RHEL 4 / 5 : jbossweb (RHSA-2008:0877)NessusRed Hat Local Security Checks
medium
60470Scientific Linux Security Update : tomcat on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
43842RHEL 4 : tomcat in Satellite Server (RHSA-2008:1007)NessusRed Hat Local Security Checks
medium
43703CentOS 5 : tomcat5 (CESA-2008:0648)NessusCentOS Local Security Checks
medium
41596SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 5850)NessusSuSE Local Security Checks
high
41238SuSE9 Security Update : Tomcat (YOU Patch Number 12232)NessusSuSE Local Security Checks
medium
40143openSUSE Security Update : tomcat6 (tomcat6-161)NessusSuSE Local Security Checks
medium
36926Mandriva Linux Security Advisory : tomcat5 (MDVSA-2008:188)NessusMandriva Local Security Checks
medium
34374Mac OS X Multiple Vulnerabilities (Security Update 2008-007)NessusMacOS X Local Security Checks
critical
34227Fedora 8 : tomcat5-5.5.27-0jpp.2.fc8 (2008-8130)NessusFedora Local Security Checks
medium
34226Fedora 9 : tomcat5-5.5.27-0jpp.2.fc9 (2008-8113)NessusFedora Local Security Checks
medium
34185Fedora 9 : tomcat6-6.0.18-1.1.fc9 (2008-7977)NessusFedora Local Security Checks
medium
34168openSUSE 10 Security Update : tomcat55 (tomcat55-5547)NessusSuSE Local Security Checks
medium
34155openSUSE 10 Security Update : tomcat5 (tomcat5-5542)NessusSuSE Local Security Checks
medium
34154SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5539)NessusSuSE Local Security Checks
medium
34057RHEL 5 : tomcat (RHSA-2008:0648)NessusRed Hat Local Security Checks
medium
4621Apache Tomcat 4.1.x < 4.1.38 / 5.5.x < 5.5.27 / 6.0.x < 6.0.18 Linking UTF-8 Traversal Arbitrary File AccessNessus Network MonitorWeb Servers
medium
33866Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File AccessNessusCGI abuses
medium
800620Apache Tomcat < 6.0.18 UTF-8 Directory Traversal Arbitrary File AccessLog Correlation EngineWeb Servers
medium