English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-1860
Description:mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
Test IDs: 1.3.6.1.4.1.25623.1.0.62870   1.3.6.1.4.1.25623.1.0.58360   1.3.6.1.4.1.25623.1.0.58285   1.3.6.1.4.1.25623.1.0.58550   1.3.6.1.4.1.25623.1.0.58847  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-1860
1018138
http://www.securitytracker.com/id?1018138
24147
http://www.securityfocus.com/bid/24147
25159
http://www.securityfocus.com/bid/25159
25383
http://secunia.com/advisories/25383
25701
http://secunia.com/advisories/25701
26235
http://secunia.com/advisories/26235
26512
http://secunia.com/advisories/26512
27037
http://secunia.com/advisories/27037
29242
http://secunia.com/advisories/29242
34877
http://www.osvdb.org/34877
ADV-2007-1941
http://www.vupen.com/english/advisories/2007/1941
ADV-2007-2732
http://www.vupen.com/english/advisories/2007/2732
ADV-2007-3386
http://www.vupen.com/english/advisories/2007/3386
APPLE-SA-2007-07-31
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
DSA-1312
http://www.debian.org/security/2007/dsa-1312
GLSA-200708-15
http://security.gentoo.org/glsa/glsa-200708-15.xml
HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
RHSA-2007:0379
http://www.redhat.com/support/errata/RHSA-2007-0379.html
RHSA-2008:0261
http://www.redhat.com/support/errata/RHSA-2008-0261.html
SSRT071447
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
SUSE-SR:2008:005
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [30/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
http://docs.info.apple.com/article.html?artnum=306172
http://docs.info.apple.com/article.html?artnum=306172
http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1
http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1
http://tomcat.apache.org/security-jk.html
http://tomcat.apache.org/security-jk.html
oval:org.mitre.oval:def:6002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6002
tomcat-jkconnector-security-bypass(34496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34496



© 1998-2025 E-Soft Inc. All rights reserved.