CVE - CVE-2007-0450

CVE-ID
CVE-2007-0450	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2007-07-31 URL:http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BID:22960 URL:http://www.securityfocus.com/bid/22960 BID:25159 URL:http://www.securityfocus.com/bid/25159 BUGTRAQ:20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal URL:http://www.securityfocus.com/archive/1/462791/100/0/threaded BUGTRAQ:20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 URL:http://www.securityfocus.com/archive/1/485938/100/0/threaded BUGTRAQ:20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities URL:http://www.securityfocus.com/archive/1/500396/100/0/threaded BUGTRAQ:20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) URL:http://www.securityfocus.com/archive/1/500412/100/0/threaded CONFIRM:http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx CONFIRM:http://docs.info.apple.com/article.html?artnum=306172 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm CONFIRM:http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 CONFIRM:http://tomcat.apache.org/security-4.html CONFIRM:http://tomcat.apache.org/security-5.html CONFIRM:http://tomcat.apache.org/security-6.html CONFIRM:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html GENTOO:GLSA-200705-03 URL:http://security.gentoo.org/glsa/glsa-200705-03.xml HP:HPSBUX02262 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HP:SSRT071447 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 MANDRIVA:MDKSA-2007:241 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 MISC:http://www.sec-consult.com/287.html MISC:http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt MLIST:[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 URL:http://lists.vmware.com/pipermail/security-announce/2008/000003.html MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ URL:https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ URL:https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ URL:https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ URL:https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ URL:https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ URL:https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E OVAL:oval:org.mitre.oval:def:10643 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643 REDHAT:RHSA-2007:0327 URL:http://www.redhat.com/support/errata/RHSA-2007-0327.html REDHAT:RHSA-2007:0360 URL:http://www.redhat.com/support/errata/RHSA-2007-0360.html REDHAT:RHSA-2008:0261 URL:http://www.redhat.com/support/errata/RHSA-2008-0261.html SECUNIA:24732 URL:http://secunia.com/advisories/24732 SECUNIA:25106 URL:http://secunia.com/advisories/25106 SECUNIA:25280 URL:http://secunia.com/advisories/25280 SECUNIA:26235 URL:http://secunia.com/advisories/26235 SECUNIA:26660 URL:http://secunia.com/advisories/26660 SECUNIA:27037 URL:http://secunia.com/advisories/27037 SECUNIA:28365 URL:http://secunia.com/advisories/28365 SECUNIA:30899 URL:http://secunia.com/advisories/30899 SECUNIA:30908 URL:http://secunia.com/advisories/30908 SECUNIA:33668 URL:http://secunia.com/advisories/33668 SREASON:2446 URL:http://securityreason.com/securityalert/2446 SUNALERT:239312 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 SUSE:SUSE-SR:2007:005 URL:http://www.novell.com/linux/security/advisories/2007_5_sr.html SUSE:SUSE-SR:2007:015 URL:http://www.novell.com/linux/security/advisories/2007_15_sr.html VUPEN:ADV-2007-0975 URL:http://www.vupen.com/english/advisories/2007/0975 VUPEN:ADV-2007-2732 URL:http://www.vupen.com/english/advisories/2007/2732 VUPEN:ADV-2007-3087 URL:http://www.vupen.com/english/advisories/2007/3087 VUPEN:ADV-2007-3386 URL:http://www.vupen.com/english/advisories/2007/3386 VUPEN:ADV-2008-0065 URL:http://www.vupen.com/english/advisories/2008/0065 VUPEN:ADV-2008-1979 URL:http://www.vupen.com/english/advisories/2008/1979/references VUPEN:ADV-2009-0233 URL:http://www.vupen.com/english/advisories/2009/0233 XF:tomcat-proxy-directory-traversal(32988) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
Assigning CNA
Red Hat, Inc.
Date Entry Created
20070123	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070123)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)