CVE-2007-0450
Apache Tomcat 5.x/6.0.x - Directory Traversal
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
Vulnerabilidad de salto de directorio en Apache HTTP Server y Tomcat 5.x anterior a 5.5.22 y 6.x anterior a 6.0.10, al usar ciertos módulos de proxy (mod_proxy, mod_rewrite, mod_jk), permite a atacantes remotos leer ficheros de su elección mediante una secuencia .. (punto punto) con combinaciones de caracteres (1) "/" (barra), (2) "\" (barra invertida), y (3) barra invertida con codificación de URL (%5C), los cuales son separadores válidos en Tomcat pero no en Apache.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-01-23 CVE Reserved
- 2007-03-14 First Exploit
- 2007-03-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (59)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/29739 | 2007-03-14 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | - | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 5.0.0 < 5.5.22 Search vendor "Apache" for product "Tomcat" and version " >= 5.0.0 < 5.5.22" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 6.0.0 < 6.0.10 Search vendor "Apache" for product "Tomcat" and version " >= 6.0.0 < 6.0.10" | - |
Affected
|