Apache Tomcat is prone to a directory-traversal vulnerability and to an authentication-bypass vulnerability. Exploiting these issues allows attackers to delete arbitrary files within the context of the current working directory or gain unauthorized access to files and directories. The following versions are affected: Tomcat 5.5.0 through 5.5.28 and Tomcat 6.0.0 through 6.0.20.
The vendor has released updates. Please see the references for details.
- Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
- IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability
- CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
- Apache Tomcat Request Object Security Bypass Vulnerability (Win)
- IBM WebSphere Application Server Administration Directory Traversal Vulnerability