Lucene search
RootSSV:2341HistoryOct 28, 2007 - 12:00 a.m.
Apache Tomcat WebDav远程信息泄露漏洞
2007-10-2800:00:00
Root
www.seebug.org
52
0.005 Low
EPSS
Percentile
73.2%
BUGTRAQ ID: 26070
CVE(CAN) ID: CVE-2007-5461
Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
Apache Tomcat在特定配置情况下存在漏洞,远程攻击者可能利用此漏洞非授权读写文件。
如果将Apache Tomcat的WebDAV servlet配置为同上下文使用且允许写访问的话,则远程攻击者可以通过提交指定了SYSTEM标签的WebDAV请求导致泄露任意文件的内容。
Apache Group Tomcat 6.0.0 - 6.0.14
Apache Group Tomcat 5.5.0 - 5.5.25
Apache Group Tomcat 5.0.0 - 5.0.SVN
Apache Group Tomcat 4.1.0 - 4.1.SVN
Apache Group Tomcat 4.0.0 - 4.0.6
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://jakarta.apache.org/tomcat/index.html” target=“_blank”>http://jakarta.apache.org/tomcat/index.html</a>
Related
cve
cve
CVE-2007-5461
2007-10-15 18:17:00
CVE-2007-5731
2007-10-30 23:46:00
veracode
veracode
Path Traversal
2018-11-12 08:02:36
ubuntucve
ubuntucve
CVE-2007-5461
2007-10-15 00:00:00
CVE-2007-5731
2007-10-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat WebDav Remote Information Disclosure (CVE-2007-5461)
2013-11-18 00:00:00
prion
prion
Path traversal
2007-10-15 18:17:00
Path traversal
2007-10-30 23:46:00
osv
osv
Apache Tomcat Path Traversal Vulnerability
2022-05-01 18:33:34
tomcat5 - several vulnerabilities
2008-01-07 00:00:00
tomcat5.5 several vulnerabilities
2008-01-03 00:00:00
github
github
Apache Tomcat Path Traversal Vulnerability
2022-05-01 18:33:34
redhat
redhat
(RHSA-2008:0042) Moderate: tomcat security update
2008-03-11 00:00:00
(RHSA-2008:0195) Moderate: tomcat security update
2008-04-28 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2008-0042)
2015-10-08 00:00:00
RedHat Update for tomcat RHSA-2008:0042-01
2009-03-06 00:00:00
RedHat Update for tomcat RHSA-2008:0042-01
2009-03-06 00:00:00
nessus
nessus
Scientific Linux Security Update : tomcat on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : tomcat (RHSA-2008:0042)
2008-03-13 00:00:00
Oracle Linux 5 : tomcat (ELSA-2008-0042)
2013-07-12 00:00:00
redhatcve
redhatcve
CVE-2007-5731
2019-10-04 21:11:49
centos
centos
tomcat5 security update
2008-03-19 00:04:06
oraclelinux
oraclelinux
Moderate: tomcat security update
2008-03-11 00:00:00
debian
debian
[SECURITY] [DSA 1453-1] New tomcat5 packages fix several vulnerabilities
2008-01-07 18:41:20
[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
2008-01-03 21:54:49
gentoo
gentoo
Tomcat: Multiple vulnerabilities
2008-04-10 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.26
2008-02-05 00:00:00
Fixed in Apache Tomcat 6.0.16
2008-02-08 00:00:00
Fixed in Apache Tomcat 4.1.37
2005-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: tomcat5-5.5.25-1jpp.1.fc8
2007-11-17 05:37:36
[SECURITY] Fedora 7 Update: tomcat5-5.5.25-1jpp.1.fc7
2007-11-17 05:34:43
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
altlinux
altlinux
vmware
vmware
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
ibm
ibm