Category: Web application abuses
Title: Apache Tomcat 'UTF-8' Directory Traversal Vulnerability
Summary: Apache Tomcat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Apache Tomcat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.
Apache Tomcat versions before 4.1.39, 5.x before 5.5.27 and 6.x before 6.0.18 are vulnerable.
Insight: Originally reported as a Tomcat vulnerability, the root cause of this issue is that the JVM does not correctly decode UTF-8 encoded URLs to UTF-8. This exposes a directory traversal vulnerability when the connector uses URIEncoding="UTF-8". The traversal is limited to the docBase of the web application. If a context is configured with allowLinking="true", the directory traversal is extended to the entire file system of the host server.
It should also be noted that setting useBodyEncodingForURI="true" has the same effect as setting URIEncoding="UTF-8" when processing requests with bodies encoded in UTF-8.
Although the root cause was quickly identified as a JVM issue affecting multiple JVMs from multiple vendors, it was decided to report this as a Tomcat vulnerability until the JVM vendors provided updates to resolve it. For further information on the status of this issue for your JVM, contact your JVM vendor.
Solution: Update Apache Tomcat to version 4.1.39, 5.5.27 or 6.0.18 or later, which includes a workaround that protects against this and any similar character-encoding issues that may still exist in the JVM.
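As an added example (not code from the Greenbone test or from the Tomcat project), the following Python script audits a Tomcat server.xml for the conditions the insight describes: a version below the fixed release, a connector that decodes URIs as UTF-8 (URIEncoding or useBodyEncodingForURI), and any context with allowLinking="true". The sample XML and the version tuples are constructed for this example; the element and attribute names are Tomcat's own.

```python
import xml.etree.ElementTree as ET

# First fixed release per major line, taken from the advisory text.
FIXED = {4: (4, 1, 39), 5: (5, 5, 27), 6: (6, 0, 18)}

# Constructed sample server.xml: one UTF-8 HTTP connector, one AJP connector
# that keeps the default encoding, and two contexts, one with allowLinking.
SAMPLE_SERVER_XML = """<Server port="8005">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"/>
    <Connector port="8009" protocol="AJP/1.3"/>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps">
        <Context path="/intranet" docBase="intranet" allowLinking="true"/>
        <Context path="/public" docBase="public"/>
      </Host>
    </Engine>
  </Service>
</Server>"""


def version_vulnerable(version):
    """True when a (major, minor, patch) tuple predates the fixed release."""
    fixed = FIXED.get(version[0])
    return fixed is not None and tuple(version) < fixed


def connector_decodes_utf8(conn):
    """URIEncoding="UTF-8" or useBodyEncodingForURI="true" triggers the bug."""
    enc = conn.get("URIEncoding", "ISO-8859-1").lower()  # default on these versions
    body = conn.get("useBodyEncodingForURI", "false").lower() == "true"
    return enc == "utf-8" or body


def audit(server_xml, version):
    """Return one finding string per risky connector or affected context."""
    findings = []
    if not version_vulnerable(version):
        return findings  # fixed releases carry the workaround
    root = ET.fromstring(server_xml)
    risky = [c for c in root.iter("Connector") if connector_decodes_utf8(c)]
    for conn in risky:
        findings.append(f"connector {conn.get('port')}: UTF-8 URI decoding on vulnerable Tomcat")
    if not risky:
        return findings
    for ctx in root.iter("Context"):
        path = ctx.get("path", "")
        if ctx.get("allowLinking", "false").lower() == "true":
            findings.append(f"context {path}: allowLinking=true extends traversal to the whole host")
        else:
            findings.append(f"context {path}: traversal limited to docBase")
    return findings
```

Contexts are often defined in conf/context.xml or per-application META-INF/context.xml rather than server.xml, so those files should be parsed the same way.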
BugTraq ID: 30633
Common Vulnerability Exposure (CVE) ID: CVE-2008-2938
BugTraq ID: 31681
Bugtraq: 20080811 Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
Bugtraq: 20091107 ToutVirtual VirtualIQ Multiple Vulnerabilities
CERT/CC vulnerability note: VU#343355
HPdes Security Advisory: HPSBUX02401
HPdes Security Advisory: SSRT090005
SuSE Security Announcement: SUSE-SR:2008:018
SuSE Security Announcement: SUSE-SR:2009:004
XForce ISS Database: tomcat-allowlinking-utf8-directory-traversal(44411)
Copyright (C) 2018 Greenbone Networks GmbH