Apache Tomcat Directory Traversal

2010-02-26T00:00:00
ID PACKETSTORM:86726
Type packetstorm
Reporter indoushka
Modified 2010-02-26T00:00:00

Description

                                        
`Vulnerability description:  
An input validation error can be exploited to download arbitrary files via directory traversal attacks.   
  
Successful exploitation requires that a context is configured with allowLinking="true" and that the connector is configured with URIEncoding="UTF-8".   
  
Affected versions 4.1.0 to 4.1.37, 5.5.0 to 5.5.26.  
Affected items  
test : http://127.0.0.1:7021/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd  
The impact of this vulnerability  
A remote attacker can download arbitrary files via directory traversal attacks.  
  
How to fix this vulnerability  
The problem was fixed in the project's SVN repository.  
  
Web references  
Apache Tomcat 5.x vulnerabilities :=> http://tomcat.apache.org/security-5.html  
`
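
The `%c0%ae` in the test URL is an over-long two-byte UTF-8 encoding of `.`: a strict decoder rejects it, while a decoder that skips the shortest-form check turns it into a dot. The following is an added detection example, not code from the advisory or from Tomcat; the log lines and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed access-log lines; the first reuses the advisory's %c0%ae pattern.
SAMPLE_LOG = [
    '10.0.0.5 - - [26/Feb/2010:10:00:01 +0000] "GET /%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.1" 200 1203',
    '10.0.0.6 - - [26/Feb/2010:10:00:02 +0000] "GET /docs/index.html HTTP/1.1" 200 5120',
    '10.0.0.7 - - [26/Feb/2010:10:00:03 +0000] "GET /caf%c3%a9/menu.html HTTP/1.1" 200 734',
]
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def lenient_decode(raw):
    """Decode 2-byte UTF-8 forms without the shortest-form check."""
    out, overlong, i = [], [], 0
    while i < len(raw):
        b = raw[i]
        # Lead bytes 0xC0/0xC1 can only carry code points below 0x80,
        # so any 2-byte sequence starting with them is over-long.
        if b in (0xC0, 0xC1) and i + 1 < len(raw) and raw[i + 1] & 0xC0 == 0x80:
            cp = ((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)
            overlong.append("%%%02x%%%02x -> %r" % (b, raw[i + 1], chr(cp)))
            out.append(chr(cp))
            i += 2
        else:
            out.append(chr(b))  # byte-for-byte passthrough, enough for triage
            i += 1
    return "".join(out), overlong

def inspect_request_path(path):
    """Compare strict UTF-8 decoding with the lenient view of one URL path."""
    raw = unquote_to_bytes(path)
    text, overlong = lenient_decode(raw)
    try:
        raw.decode("utf-8")  # a strict decoder rejects over-long forms
        strict_ok = True
    except UnicodeDecodeError:
        strict_ok = False
    return {"strict_utf8_ok": strict_ok, "overlong": overlong,
            "lenient_path": text, "traversal": ".." in text.split("/")}

def scan(lines):
    """Return (line, report) for requests hiding '..' in over-long UTF-8."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        report = inspect_request_path(m.group(1)) if m else None
        if report and report["overlong"] and report["traversal"]:
            hits.append((line, report))
    return hits
```

`scan(SAMPLE_LOG)` flags only the first line; the valid two-byte sequence `%c3%a9` in the third line passes strict decoding and is not reported.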