|
|
Apache HTTP Server Tomcat Directory Traversal Vulnerability
|
Bugtraq ID:
|
22960
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2007-0450
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Mar 14 2007 12:00AM
|
|
Updated:
|
Jan 27 2009 11:49PM
|
|
Credit:
|
D. Matscheko is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
VMWare VirtualCenter Management Server 2
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
Sun Solaris 9_x86
Sun Solaris 9_sparc
Sun Solaris 9
Sun Solaris 10_x86
Sun Solaris 10_sparc
Sun Solaris 10
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SUSE Linux Enterprise Server 9 SP3
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Server 10
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10
S.u.S.E. SLE SDK 10.SP1
S.u.S.E. SLE SDK 10
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 10.2 x86_64
S.u.S.E. Linux Professional 10.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 10.2 x86_64
S.u.S.E. Linux Personal 10.2
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server SDK 9
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux Enterprise Server 10
+
Linux kernel 2.6.5
S.u.S.E. Linux Enterprise SDK 10
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
RedHat Red Hat Network Satellite Server 5.0
RedHat Red Hat Network Satellite Server 4.2
RedHat Red Hat Network Satellite Server 4.1
RedHat Red Hat Network Satellite Server 4.0
RedHat Network Satellite (for RHEL 4) 4.2
RedHat Enterprise Linux Virtualization 5 server
RedHat Enterprise Linux Supplementary 5 server
RedHat Enterprise Linux Optional Productivity Application 5 server
RedHat Enterprise Linux Hardware Certification 5
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop Supplementary 5 client
RedHat Enterprise Linux Desktop Multi OS 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux Clustering 5 server
RedHat Enterprise Linux Cluster-Storage 5 server
RedHat Enterprise Linux 5 server
RedHat Network Satellite (for RHEL 3) 4.2
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Gentoo Linux
Fujitsu INTERSTAGE Studio Standard-J Edition 9.0
Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1
Fujitsu INTERSTAGE Studio Enterprise Edition 9.0
Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1
Fujitsu INTERSTAGE Job Workload Server 8.1
Fujitsu INTERSTAGE Business Application Server Enterprise 8.0
Fujitsu INTERSTAGE Apworks Modelers-J Edition 7.0
Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0A
Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0
Fujitsu INTERSTAGE Application Server Standard-J Edition 9.0
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.3
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.2
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0
Fujitsu INTERSTAGE Application Server Plus Developer 6.0
Fujitsu Interstage Application Server Plus 7.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 9.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.3
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.2
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0.1
Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 6.0
Computer Associates Cohesion Application Configuration Manager 4.5
Avaya AES 4.0
Avaya AES 3.1
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.4.10
Apple Mac OS X 10.3.9
Apache Software Foundation Tomcat 6.0.9
Apache Software Foundation Tomcat 6.0.8
Apache Software Foundation Tomcat 6.0.7
Apache Software Foundation Tomcat 6.0.6
Apache Software Foundation Tomcat 6.0.5
Apache Software Foundation Tomcat 6.0.4
Apache Software Foundation Tomcat 6.0.3
Apache Software Foundation Tomcat 6.0.2
Apache Software Foundation Tomcat 6.0.1
Apache Software Foundation Tomcat 5.5.22
Apache Software Foundation Tomcat 5.5.21
Apache Software Foundation Tomcat 5.5.20
Apache Software Foundation Tomcat 5.5.19
Apache Software Foundation Tomcat 5.5.18
Apache Software Foundation Tomcat 5.5.17
Apache Software Foundation Tomcat 5.5.16
Apache Software Foundation Tomcat 5.5.15
Apache Software Foundation Tomcat 5.5.14
Apache Software Foundation Tomcat 5.5.13
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.9
Apache Software Foundation Tomcat 5.5.8
Apache Software Foundation Tomcat 5.5.7
Apache Software Foundation Tomcat 5.5.6
Apache Software Foundation Tomcat 5.5.5
Apache Software Foundation Tomcat 5.5.4
Apache Software Foundation Tomcat 5.5.3
Apache Software Foundation Tomcat 5.5.2
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5
Apache Software Foundation Tomcat 5.4
Apache Software Foundation Tomcat 5.3
Apache Software Foundation Tomcat 5.2
Apache Software Foundation Tomcat 5.1
Apache Software Foundation Tomcat 5.0
|
|
|
|
Not Vulnerable:
|
Computer Associates Cohesion Application Configuration Manager 4.5 SP1
Apache Software Foundation Tomcat 6.0.10
Apache Software Foundation Tomcat 5.5.23
|
|
|
