First published: Tue Jul 25 2006(Updated: )
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Tomcat | =5.0.28 | |
Apache Tomcat | =5.5.7 | |
Apache Tomcat | =5.5.9 | |
Apache Tomcat | =5.5.12 | |
Apache Tomcat | =5.5.16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.