Lucene search
Ubuntu.comUB:CVE-2011-4404HistoryNov 19, 2011 - 12:00 a.m.
CVE-2011-4404
2011-11-1900:00:00
ubuntu.com
ubuntu.com
18
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.966 High
EPSS
Percentile
99.6%
The default configuration of the HTTP server in Jetty in vSphere Update
Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before
Update 2 allows remote attackers to conduct directory traversal attacks and
read arbitrary files via unspecified vectors, a related issue to
CVE-2009-1523.
Notes
| Author | Note |
|---|---|
| tyhicks | There are few details at this point and it isnโt clear if jetty in Ubuntu is affected or not. Debian marked this CVE as NOT-FOR-US |
| mdeslaur | looks like the bundled jetty in vsphere had not been fixed for CVE-2009-1523. Marking as not-affected. |
Related
prion
prion
Directory traversal
2011-11-19 03:58:00
Directory traversal
2009-05-05 17:30:00
cve
cve
CVE-2011-4404
2011-11-19 03:58:00
CVE-2009-1523
2009-05-05 17:30:00
securityvulns
securityvulns
packetstorm
packetstorm
VMware Update Manager Directory Traversal
2011-11-21 00:00:00
nessus
nessus
VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)
2011-11-28 00:00:00
openSUSE Security Update : jetty5 (jetty5-1531)
2009-11-11 00:00:00
Mandriva Linux Security Advisory : jetty5 (MDVSA-2009:291)
2009-10-30 00:00:00
seebug
seebug
Jetty Web Serverไธๆ็ป่็ฎๅฝ้ๅๆผๆด
2011-11-21 00:00:00
vmware
vmware
exploitpack
exploitpack
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
checkpoint_advisories
checkpoint_advisories
VMware Update Manager Directory Traversal (CVE-2011-4404)
2012-09-04 00:00:00
veracode
veracode
Directory Traversal
2018-11-08 06:30:45
ubuntucve
ubuntucve
CVE-2009-1523
2009-05-05 00:00:00
openvas
openvas
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
2009-05-04 00:00:00
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
github
github
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
osv
osv
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
fedora
fedora
[SECURITY] Fedora 9 Update: jetty-5.1.15-3.fc9
2009-05-26 07:55:49
[SECURITY] Fedora 10 Update: jetty-5.1.15-3.fc10
2009-05-26 07:57:22
[SECURITY] Fedora 11 Update: jetty-5.1.15-4.fc11
2009-05-26 07:56:18
exploitdb
exploitdb
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
oracle
oracle
09-07 CPU Advisory
2009-07-14 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.966 High
EPSS
Percentile
99.6%
Related for UB:CVE-2011-4404