Lucene search
Ubuntu.comUB:CVE-2007-1860HistoryMay 25, 2007 - 12:00 a.m.
CVE-2007-1860
2007-05-2500:00:00
ubuntu.com
ubuntu.com
9
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.1%
mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes
request URLs within the Apache HTTP Server before passing the URL to
Tomcat, which allows remote attackers to access protected pages via a
crafted prefix JkMount, possibly involving double-encoded … (dot dot)
sequences and directory traversal, a related issue to CVE-2007-0450.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | LP bug has debdiffs |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | libapache-mod-jk | < 1:1.2.14.1-2ubuntu1.1 | UNKNOWN |
| ubuntu | 7.10 | noarch | libapache-mod-jk | < 1.2.23-3 | UNKNOWN |
| ubuntu | 8.04 | noarch | libapache-mod-jk | < 1.2.23-3 | UNKNOWN |
| ubuntu | 8.10 | noarch | libapache-mod-jk | < 1.2.23-3 | UNKNOWN |
Related
debiancve
debiancve
CVE-2007-1860
2007-05-25 18:30:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.22, 5.0.SVN
2007-01-23 00:00:00
Fixed in Apache Tomcat JK Connector 1.2.23
2007-01-23 00:00:00
Fixed in Apache Tomcat 4.1.36
2005-06-30 00:00:00
prion
prion
Directory traversal
2007-05-25 18:30:00
Directory traversal
2007-03-16 22:19:00
cve
cve
CVE-2007-1860
2007-05-25 18:30:00
CVE-2007-0450
2007-03-16 22:19:00
securityvulns
securityvulns
Apache Tomcat directory traversal
2007-03-14 00:00:00
SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal
2007-03-14 00:00:00
nessus
nessus
openSUSE 10 Security Update : tomcat5 (tomcat5-3950)
2007-10-17 00:00:00
Apache Tomcat < 6.0.10 Directory Traversal
2019-01-11 00:00:00
Apache Tomcat Directory Traversal
2010-01-04 00:00:00
openvas
openvas
SLES9: Security update for jakarta-tomcat
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200708-15 (mod_jk)
2008-09-24 00:00:00
FreeBSD Ports: mod_jk
2008-09-04 00:00:00
github
github
Apache Tomcat Directory Traversal
2022-05-01 17:44:16
ubuntucve
ubuntucve
CVE-2007-0450
2007-03-16 00:00:00
debian
debian
packetstorm
packetstorm
SA-20070314-0.txt
2007-03-20 00:00:00
veracode
veracode
Directory Traversal
2018-11-13 06:27:26
redhat
redhat
(RHSA-2007:0379) Important: mod_jk security update
2007-05-30 00:00:00
(RHSA-2007:0380) Important: mod_jk security update
2007-05-30 00:00:00
(RHSA-2007:0360) Important: jbossas security update
2007-05-24 00:00:00
freebsd
freebsd
mod_jk -- information disclosure
2007-05-18 00:00:00
tomcat -- multiple vulnerabilities
2007-04-27 00:00:00
gentoo
gentoo
Apache mod_jk: Directory traversal
2007-08-19 00:00:00
Tomcat: Information disclosure
2007-05-01 00:00:00
osv
osv
Apache Tomcat Directory Traversal
2022-05-01 17:44:16
hackerone
hackerone
checkpoint_advisories
checkpoint_advisories
Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)
2009-11-01 00:00:00
vmware
vmware
centos
centos
jakarta, tomcat5 security update
2007-05-14 22:49:09
oraclelinux
oraclelinux
Important: tomcat security update
2007-06-26 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.1%
Related for UB:CVE-2007-1860