CVE-2008-5515

MEDIUM

Description

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.

References

http://jvn.jp/en/jp/JVN63832775/index.html

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

http://marc.info/?l=bugtraq&m=127420533226623&w=2

http://marc.info/?l=bugtraq&m=129070310906557&w=2

http://marc.info/?l=bugtraq&m=136485229118404&w=2

http://secunia.com/advisories/35393

http://secunia.com/advisories/35685

http://secunia.com/advisories/35788

http://secunia.com/advisories/37460

http://secunia.com/advisories/39317

http://secunia.com/advisories/42368

http://secunia.com/advisories/44183

http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1

http://support.apple.com/kb/HT4077

http://tomcat.apache.org/security-4.html

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://www.debian.org/security/2011/dsa-2207

http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html

http://www.mandriva.com/security/advisories?name=MDVSA-2009:136

http://www.mandriva.com/security/advisories?name=MDVSA-2009:138

http://www.mandriva.com/security/advisories?name=MDVSA-2010:176

http://www.securityfocus.com/archive/1/504170/100/0/threaded

http://www.securityfocus.com/archive/1/504202/100/0/threaded

http://www.securityfocus.com/archive/1/507985/100/0/threaded

http://www.securityfocus.com/bid/35263

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

http://www.vupen.com/english/advisories/2009/1520

http://www.vupen.com/english/advisories/2009/1535

http://www.vupen.com/english/advisories/2009/1856

http://www.vupen.com/english/advisories/2009/3316

http://www.vupen.com/english/advisories/2010/3056

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html

Details

Source: MITRE

Published: 2009-06-16

Updated: 2019-03-25

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM