Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access

2007-10-14T18:48:28
ID OSVDB:38187
Type osvdb
Reporter OSVDB
Modified 2007-10-14T18:48:28

Description

No description provided by the source

References:

Vendor Specific News/Changelog Entry: http://tomcat.apache.org/security-6.html Vendor Specific News/Changelog Entry: http://tomcat.apache.org/security-5.html Vendor Specific News/Changelog Entry: http://tomcat.apache.org/security-4.html Security Tracker: 1018864 Secunia Advisory ID:27481 Secunia Advisory ID:28317 Secunia Advisory ID:28361 Secunia Advisory ID:27727 Secunia Advisory ID:27398 Other Advisory URL: http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html Other Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html Other Advisory URL: http://www.us.debian.org/security/2008/dsa-1453 Other Advisory URL: http://www.debian.org/security/2008/dsa-1447 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0371.html ISS X-Force ID: 37243 Generic Exploit URL: http://www.milw0rm.com/exploits/4530 FrSIRT Advisory: ADV-2007-3622 CVE-2007-5461 Bugtraq ID: 26070