Description

This alert was generated using only banner information. It may be a false positive.

Fixed in Apache Tomcat 6.0.10:
  • important: Directory traversal CVE-2007-0450
    Tomcat permits '\', '%2F' and '%5C' as path delimiters. When Tomcat is used behind a proxy (including, but not limited to, Apache HTTP server with mod_proxy and mod_jk) configured to only proxy some contexts, a HTTP request containing strings like "/\../" may allow attackers to work around the context restriction of the proxy, and access the non-proxied contexts.

    The following Java system properties have been added to Tomcat to provide additional control of the handling of path delimiters in URLs (both options default to false):

    * org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH: true|false
    * org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH: true|false

    Due to the impossibility to guarantee that all URLs are handled by Tomcat as they are in proxy servers, Tomcat should always be secured as if no proxy restricting context access was used.

Affected Apache Tomcat version (6.0.0 - 6.0.9).

Remediation

Upgrade Apache Tomcat to the latest version.

References

Apache Tomcat 6.x vulnerabilities

Related Vulnerabilities

Homepage SlideShow 'upload.php' Arbitrary File Upload (2.0)

Simple Link Directory Cross-Site Scripting (7.3.4)

LimeSurvey CVE-2019-16180 Vulnerability (CVE-2019-16180)

MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-0226)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4791)

Severity

Medium

Classification

CVE-2007-0450 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Directory Traversal Missing Update