Jetty Double Slash URI Information Disclosure Vulnerability

Bugtraq ID: 27117
Class: Input Validation Error
CVE: CVE-2007-6672
Remote: Yes
Local: No
Published: Jan 03 2008 12:00AM
Updated: Jan 18 2008 04:48PM
Credit: Greg Wilkins is credited with the discovery of this vulnerability.
Vulnerable: Jetty Jetty 6.1.6
Jetty Jetty 6.1.5
Ignite Realtime Openfire 3.4.3
Not Vulnerable: Jetty Jetty 6.1.7
Ignite Realtime Openfire 3.4.4


 

Privacy Statement
Copyright 2010, SecurityFocus