CVE-2007-5461 Information
Description
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.