Apache Tomcat HTTP Server Directory Traversal

Apache Tomcat HTTP Server Directory Traversal

Affected System(s)

Operating System:

AIX 5.x

Description:

A vulnerability in Apache Tomcat HTTP server may allow for directory traversal attacks.

Recommendation:

The vendor has made an update available for remediation here:

http://tomcat.apache.org/

Observation:

Apache Tomcat is the servlet container for JavaServlet and JavaServer Page Web applications.

A vulnerability in Apache Tomcat HTTP server may allow for directory traversal attacks. The vulnerability is cause by a misconfiguration of certain modules. An attacker could craft a special URL to view directories and files on the HTTP server without authorization.

Common Vulnerabilities & Exposures (CVE) Link:

CVE-2007-0450

IAVA Reference Number

2008-B-0018, 2007-B-0021

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.