Description

Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.

Remediation

References

CVE-2006-3835

Related Vulnerabilities

Grafana Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-10452)

Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)

WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1)

WordPress Plugin Flamingo Code Injection (1.1)

Oracle Database Server CVE-2006-5332 Vulnerability (CVE-2006-5332)

Severity

Medium

Classification

CVE-2006-3835

Tags

Missing Update Known Vulnerabilities