CVE-2006-3835

Apache Tomcat <5.5.17 - Path Traversal

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3835. PoCs published by ScanAlert Security.

AI-analyzed exploit summary: This is a writeup describing an information disclosure vulnerability in Apache Tomcat due to improper input sanitization, allowing directory listing and potential source code exposure. The provided URL example demonstrates the exploit vector.

Description

Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.

Exploits (1)

exploitdb WRITEUP VERIFIED
by ScanAlert Security · text · remote · multiple
https://www.exploit-db.com/exploits/28254

Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Apache Tomcat 5.028, 5.5.23, 5.5.9, 5.5.7
No auth needed
Prerequisites: Network access to the target Tomcat server
devstral-2 · analyzed Feb 16, 2026

References (30)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19106
Various Sources x_refsource_confirm
http://tomcat.apache.org/security-4.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30908
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37297
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30899
Various Sources x_refsource_misc
http://www.sec-consult.com/289.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1979/references
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500412/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1727
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33668
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27902
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500396/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/468048/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0233
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25212
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507729/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016576
Exploit, Patch mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
Various Sources x_refsource_confirm
http://tomcat.apache.org/security-5.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34183
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0261.html

Scores

EPSS 0.5151
EPSS Percentile 98.0%

Details

Status published
Products (6)
apache/tomcat 5.0.28
apache/tomcat 5.5.7
apache/tomcat 5.5.9
apache/tomcat 5.5.12
apache/tomcat 5.5.16
org.apache.tomcat/tomcat 5.0.0 - 5.5.17 (Maven)
Published Jul 25, 2006
Tracked Since Feb 18, 2026