CVE-2009-2693
tomcat: unexpected file deletion and/or alteration
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con la entrada ../../bin/catalina.bat.
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle characters or sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked this issue exists because of an incomplete fix for CVE-2007-3385. Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via. sequences and the WEB-INF directory in a Request. Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header. Other issues have also been addressed.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-08-05 CVE Reserved
- 2010-01-28 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (49)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://svn.apache.org/viewvc?rev=892815&view=rev | 2023-11-07 | |
| http://tomcat.apache.org/security-5.html | 2023-11-07 | |
| http://tomcat.apache.org/security-6.html | 2023-11-07 | |
| http://www.vupen.com/english/advisories/2010/0213 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.0 Search vendor "Apache" for product "Tomcat" and version "5.5.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.1 Search vendor "Apache" for product "Tomcat" and version "5.5.1" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.2 Search vendor "Apache" for product "Tomcat" and version "5.5.2" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.3 Search vendor "Apache" for product "Tomcat" and version "5.5.3" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.4 Search vendor "Apache" for product "Tomcat" and version "5.5.4" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.5 Search vendor "Apache" for product "Tomcat" and version "5.5.5" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.6 Search vendor "Apache" for product "Tomcat" and version "5.5.6" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.7 Search vendor "Apache" for product "Tomcat" and version "5.5.7" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.8 Search vendor "Apache" for product "Tomcat" and version "5.5.8" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.9 Search vendor "Apache" for product "Tomcat" and version "5.5.9" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.10 Search vendor "Apache" for product "Tomcat" and version "5.5.10" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.11 Search vendor "Apache" for product "Tomcat" and version "5.5.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.12 Search vendor "Apache" for product "Tomcat" and version "5.5.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.13 Search vendor "Apache" for product "Tomcat" and version "5.5.13" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.14 Search vendor "Apache" for product "Tomcat" and version "5.5.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.15 Search vendor "Apache" for product "Tomcat" and version "5.5.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.16 Search vendor "Apache" for product "Tomcat" and version "5.5.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.17 Search vendor "Apache" for product "Tomcat" and version "5.5.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.18 Search vendor "Apache" for product "Tomcat" and version "5.5.18" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.19 Search vendor "Apache" for product "Tomcat" and version "5.5.19" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.20 Search vendor "Apache" for product "Tomcat" and version "5.5.20" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.21 Search vendor "Apache" for product "Tomcat" and version "5.5.21" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.22 Search vendor "Apache" for product "Tomcat" and version "5.5.22" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.23 Search vendor "Apache" for product "Tomcat" and version "5.5.23" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.24 Search vendor "Apache" for product "Tomcat" and version "5.5.24" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.25 Search vendor "Apache" for product "Tomcat" and version "5.5.25" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.26 Search vendor "Apache" for product "Tomcat" and version "5.5.26" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.27 Search vendor "Apache" for product "Tomcat" and version "5.5.27" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.28 Search vendor "Apache" for product "Tomcat" and version "5.5.28" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0 Search vendor "Apache" for product "Tomcat" and version "6.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.0 Search vendor "Apache" for product "Tomcat" and version "6.0.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.1 Search vendor "Apache" for product "Tomcat" and version "6.0.1" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.2 Search vendor "Apache" for product "Tomcat" and version "6.0.2" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.3 Search vendor "Apache" for product "Tomcat" and version "6.0.3" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.4 Search vendor "Apache" for product "Tomcat" and version "6.0.4" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.5 Search vendor "Apache" for product "Tomcat" and version "6.0.5" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.6 Search vendor "Apache" for product "Tomcat" and version "6.0.6" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.7 Search vendor "Apache" for product "Tomcat" and version "6.0.7" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.8 Search vendor "Apache" for product "Tomcat" and version "6.0.8" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.9 Search vendor "Apache" for product "Tomcat" and version "6.0.9" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.10 Search vendor "Apache" for product "Tomcat" and version "6.0.10" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.11 Search vendor "Apache" for product "Tomcat" and version "6.0.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.12 Search vendor "Apache" for product "Tomcat" and version "6.0.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.13 Search vendor "Apache" for product "Tomcat" and version "6.0.13" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.14 Search vendor "Apache" for product "Tomcat" and version "6.0.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.15 Search vendor "Apache" for product "Tomcat" and version "6.0.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.16 Search vendor "Apache" for product "Tomcat" and version "6.0.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.17 Search vendor "Apache" for product "Tomcat" and version "6.0.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.18 Search vendor "Apache" for product "Tomcat" and version "6.0.18" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.19 Search vendor "Apache" for product "Tomcat" and version "6.0.19" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 6.0.20 Search vendor "Apache" for product "Tomcat" and version "6.0.20" | - |
Affected
| ||||||