CVE-2008-5518
Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 3
Exploited in Wild: -
Decision
Descriptions
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2008-12-12 CVE Reserved
- 2009-04-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-10-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (11)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/34715 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/502733/100/0/threaded | Mailing List | |
http://www.vupen.com/english/advisories/2009/1089 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/49898 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/49899 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/49900 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/8458 | 2024-08-07 | |
http://dsecrg.com/pages/vul/show.php?id=118 | 2024-08-07 | |
http://www.securityfocus.com/bid/34562 | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214 | 2018-10-11 | |
http://issues.apache.org/jira/browse/GERONIMO-4597 | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Apache | Geronimo | 2.1 | - | Affected | in | Microsoft | Windows | * | - | Safe |
Apache | Geronimo | 2.1.1 | - | Affected | in | Microsoft | Windows | * | - | Safe |
Apache | Geronimo | 2.1.2 | - | Affected | in | Microsoft | Windows | * | - | Safe |
Apache | Geronimo | 2.1.3 | - | Affected | in | Microsoft | Windows | * | - | Safe |