CVE-2006-2758

Jetty - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textwebappsphp

https://www.exploit-db.com/exploits/18571

View Code ZIP pw:eip

References (1)

[Exploit] http://securitytracker.com/id?1016168

Scores

EPSS 0.0157

EPSS Percentile 81.6%

Details

CWE

CWE-22

Status published

Products (2)

jetty/jetty 6.0

org.mortbay.jetty/jetty 0Maven

Published Jun 02, 2006

Tracked Since Feb 18, 2026