CVE-2007-0450 – Apache Tomcat 5.x/6.0.x - Directory Traversal

https://notcve.org/view.php?id=CVE-2007-0450

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. Vulnerabilidad de salto de directorio en Apache HTTP Server y Tomcat 5.x anterior a 5.5.22 y 6.x anterior a 6.0.10, al usar ciertos módulos de proxy (mod_proxy, mod_rewrite, mod_jk), permite a atacantes remotos leer ficheros de su elección mediante una secuencia .. (punto punto) con combinaciones de caracteres (1) "/" (barra), (2) "\" (barra invertida), y (3) barra invertida con codificación de URL (%5C), los cuales son separadores válidos en Tomcat pero no en Apache. • https://www.exploit-db.com/exploits/29739 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://docs.info.apple.com/article.html?artnum=306172 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://lists.vmware.com/pipermail/security-announce/2008/000003.html http://secunia.com/advisories/24732 http://secunia.com/advisories/25106 http://secunia.com/adv • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •