CVE-2008-5515 Information
Description
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Reference
http://jvn.jp/en/jp/JVN63832775/index.html
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://marc.info/?l=bugtraq&m=127420533226623&w=2
http://marc.info/?l=bugtraq&m=129070310906557&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://secunia.com/advisories/35393
http://secunia.com/advisories/35685
http://secunia.com/advisories/35788
http://secunia.com/advisories/37460
http://secunia.com/advisories/39317
http://secunia.com/advisories/42368
http://secunia.com/advisories/44183
http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
http://support.apple.com/kb/HT4077
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.debian.org/security/2011/dsa-2207
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
http://www.securityfocus.com/archive/1/504170/100/0/threaded
http://www.securityfocus.com/archive/1/504202/100/0/threaded
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/35263
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/1520
http://www.vupen.com/english/advisories/2009/1535
http://www.vupen.com/english/advisories/2009/1856
http://www.vupen.com/english/advisories/2009/3316
http://www.vupen.com/english/advisories/2010/3056
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html