CVSS: 5.8EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2693 – tomcat: unexpected file deletion and/or alteration
https://notcve.org/view.php?id=CVE-2009-2693
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con la entrada ../.. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2901
https://notcve.org/view.php?id=CVE-2009-2901
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests. El proceso de auto despliegue en Apache Tomcat desde v5.5.0 hasta v5.5.28 y desde v6.0.0 hasta v6.0.20, cuando AutoDeploy esta activado, despliega ficheros appBase que se mantienen de un plegado fallido lo que permite a atacantes remotos evitar la autenticación a través de peticiones HTTP. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=13934 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2902 – tomcat: unexpected file deletion in work directory
https://notcve.org/view.php?id=CVE-2009-2902
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. Vulnerabilidad de salto de directorio en Apache Tomcat desde v5.5.0 hasta v5.5.28 y desde v6.0.0 hasta v6.0.20 permite a atacantes remotos borrar ficheros del directorio de trabajo a través de secuencias de salto de directorio en un nombre de fichero WAR, como se demuestra en ..war nombre de fichero. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 23%CPEs: 142EXPL: 2CVE-2009-3548 – Apache Tomcat Manager - Application Upload (Authenticated) Code Execution
https://notcve.org/view.php?id=CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges. El instalador de Windows para Apache Tomcat 6.0.0 a 6.0.20, 5.5.0 a 5.5.28, y posiblemente versiones anteriores, usa una contraseña en blanco por defecto para el usuario administrador, lo que permite a atacantes remotos obtener privilegios. • https://www.exploit-db.com/exploits/31433 https://www.exploit-db.com/exploits/16317 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/? • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 80EXPL: 0CVE-2008-5515 – tomcat request dispatcher information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2008-5515
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request. Apache Tomcat desde v4.1.0 hasta v4.1.39, desde v5.5.0 hasta v5.5.27, desde v6.0.0 hasta v6.0.18, y posiblemente versiones anteriores que normalizan la ruta del directorio objetivo antes de filtrar la cadena de petición cuando se utiliza el método RequestDispatcher, lo que permitiría atacantes remotos evitar las restricciones de acceso previstas y que llevaría a un salto de directorio a través de secuencias ..(punto punto) y el directorio WEB-INF en una petición. When using a RequestDispatcher obtained from the Request in Apache Tomcat, the target path was normalized before the query string was removed. • http://jvn.jp/en/jp/JVN63832775/index.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://secunia.com/advisories/35393 http://secunia.com&# • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •