First published: Wed Mar 14 2007
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
Credit: secalert@redhat.com
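The root cause in the description is a disagreement about what counts as a path separator: the affected Tomcat versions treat `/`, `\` and the URL-encoded backslash `%5C` as separators, while Apache httpd only recognises `/`, so a path that httpd considers confined to the proxied context can resolve elsewhere once Tomcat normalises it. The following is an added example that models both views and runs the comparison over a few access-log lines; it is not code from the Apache httpd, Tomcat or SecAlerts projects. The proxied context prefix `/app`, the helper names and the log lines are all constructed for the illustration.

```python
"""Model how httpd and an affected Tomcat resolve the same request path.

Added example for the CVE description above, not code from either project.
Assumption: the reverse proxy forwards everything under CONTEXT to Tomcat and
the operator expects Tomcat to serve only resources beneath that context.
"""
import re
from urllib.parse import unquote

CONTEXT = "/app"  # assumed proxied prefix (e.g. ProxyPass /app/ ...); constructed


def _collapse(segments):
    """Apply '.' and '..' over path segments, never climbing above root."""
    out = []
    for seg in segments:
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()
            continue
        out.append(seg)
    return "/" + "/".join(out)


def resolve_as_apache(raw_path):
    """httpd's view: percent-escapes are decoded, but a backslash is an
    ordinary character inside a segment. '..\\..\\x' is therefore a name,
    not two parent references, and the path stays where it appears to be."""
    path = unquote(raw_path.split("?", 1)[0])
    return _collapse(path.split("/"))


def resolve_as_tomcat(raw_path):
    """Affected Tomcat's view: after decoding, '\\' (from a literal backslash
    or from %5C) is treated like '/', so the same bytes collapse differently."""
    path = unquote(raw_path.split("?", 1)[0])
    return _collapse(path.replace("\\", "/").split("/"))


def _inside(path, context):
    return path == context or path.startswith(context + "/")


def escapes_context(raw_path, context=CONTEXT):
    """True when httpd's view stays inside `context` but Tomcat's view leaves
    it: exactly the mismatch the advisory describes. A request that escapes
    in httpd's own view never reaches the proxy rule, so it is not flagged."""
    return _inside(resolve_as_apache(raw_path), context) and not _inside(
        resolve_as_tomcat(raw_path), context
    )


# Common-log-format request line: "GET /path HTTP/1.1"
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def flag_traversal(log_lines, context=CONTEXT):
    """Return request paths from access-log lines whose Tomcat resolution
    leaves the context while the httpd resolution does not."""
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if m and escapes_context(m.group("path"), context):
            hits.append(m.group("path"))
    return hits


SAMPLE_LOG = [  # constructed log lines, not captured from a real server
    '203.0.113.5 - - [14/Mar/2007:10:00:00 +0000] "GET /app/index.jsp HTTP/1.1" 200 512',
    # plain '..' collapses identically on both sides: stays inside /app
    '203.0.113.5 - - [14/Mar/2007:10:00:01 +0000] "GET /app/static/../index.jsp HTTP/1.1" 200 512',
    # encoded backslashes: httpd sees one odd segment, Tomcat sees ../..
    '203.0.113.5 - - [14/Mar/2007:10:00:02 +0000] "GET /app/static/..%5C..%5Cother/conf.txt HTTP/1.1" 200 1024',
    # a backslash without '..' re-roots nothing: benign on both sides
    '203.0.113.5 - - [14/Mar/2007:10:00:03 +0000] "GET /app/docs/a%5Cb.txt HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for path in flag_traversal(SAMPLE_LOG):
        print(f"{path}: httpd={resolve_as_apache(path)} tomcat={resolve_as_tomcat(path)}")
```

Only the third line is reported: httpd resolves it to `/app/static/..\..\other/conf.txt`, still under the proxied prefix, while Tomcat resolves the identical bytes to `/other/conf.txt`. Checking the two normalisations against each other, rather than grepping for `%5C` alone, keeps the benign fourth line out of the results.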
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/pcsc-lite | <0:1.3.3-3.el4 | 0:1.3.3-3.el4 |
| redhat/rhpki-ca | <0:7.3.0-20.el4 | 0:7.3.0-20.el4 |
| redhat/rhpki-java-tools | <0:7.3.0-10.el4 | 0:7.3.0-10.el4 |
| redhat/rhpki-kra | <0:7.3.0-14.el4 | 0:7.3.0-14.el4 |
| redhat/rhpki-manage | <0:7.3.0-19.el4 | 0:7.3.0-19.el4 |
| redhat/rhpki-native-tools | <0:7.3.0-6.el4 | 0:7.3.0-6.el4 |
| redhat/rhpki-ocsp | <0:7.3.0-13.el4 | 0:7.3.0-13.el4 |
| redhat/rhpki-tks | <0:7.3.0-13.el4 | 0:7.3.0-13.el4 |
| redhat/jakarta-commons-modeler | <0:1.1-8jpp.1.0.2.el5 | 0:1.1-8jpp.1.0.2.el5 |
| redhat/tomcat5 | <0:5.5.23-0jpp.1.0.3.el5 | 0:5.5.23-0jpp.1.0.3.el5 |
| redhat/java | <1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 | 1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 |
| redhat/rhn-apache | <0:1.3.27-36.rhn.rhel4 | 0:1.3.27-36.rhn.rhel4 |
| redhat/rhn-modjk | <0:1.2.23-2rhn.rhel4 | 0:1.2.23-2rhn.rhel4 |
| redhat/rhn-modperl | <0:1.29-16.rhel4 | 0:1.29-16.rhel4 |
| redhat/rhn-modssl | <0:2.8.12-8.rhn.10.rhel4 | 0:2.8.12-8.rhn.10.rhel4 |
| redhat/java | <1.4.2-ibm-0:1.4.2.10-1jpp.2.el3 | 1.4.2-ibm-0:1.4.2.10-1jpp.2.el3 |
| redhat/rhn-apache | <0:1.3.27-36.rhn.rhel3 | 0:1.3.27-36.rhn.rhel3 |
| redhat/rhn-modjk | <0:1.2.23-2rhn.rhel3 | 0:1.2.23-2rhn.rhel3 |
| redhat/rhn-modperl | <0:1.29-16.rhel3 | 0:1.29-16.rhel3 |
| redhat/rhn-modssl | <0:2.8.12-8.rhn.10.rhel3 | 0:2.8.12-8.rhn.10.rhel3 |
| redhat/jbossas | <0:4.0.5-2.CP04.el4 | 0:4.0.5-2.CP04.el4 |
| Apache Tomcat | >=5.0.0<5.5.22 | |
| Apache Tomcat | >=6.0.0<6.0.10 | |
| Apache HTTP Server | | |
| maven/org.apache.tomcat:tomcat | >=6.0<6.0.10 | 6.0.10 |
| maven/org.apache.tomcat:tomcat | >=5.0<5.5.22 | 5.5.22 |