CVE-2007-0450

Apache HTTP Server and Tomcat 5.0.0-5.5.21 - Directory Traversal via Proxy Module URL Path

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0450. PoCs published by D. Matscheko.

AI-analyzed exploit summary: The provided text describes a directory traversal vulnerability in Apache HTTP servers with Tomcat servlet container versions prior to 5.5.22 and 6.0.10. It explains the issue and provides an example URL to exploit it, but does not include actual exploit code.

Description

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.

Exploits (1)

exploitdb WRITEUP VERIFIED
by D. Matscheko · text · remote · linux
https://www.exploit-db.com/exploits/29739


Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Apache HTTP Server with Tomcat servlet container (versions < 5.5.22 and < 6.0.10)
No auth needed
Prerequisites: Apache HTTP server with vulnerable Tomcat servlet container · Network access to the target server
devstral-2 · analyzed Feb 16, 2026

References (56)

Core References (56)
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-4.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2732
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3087
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1979/references
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_5_sr.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0065
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500412/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485938/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0360.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30908
Third Party Advisory mailing-list x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2008/000003.html
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30899
Mailing List, Third Party Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33668
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500396/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25280
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24732
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0233
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22960
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28365
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-6.html
Broken Link x_refsource_misc
http://www.sec-consult.com/287.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3386
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0327.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27037
Third Party Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=306172
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0975
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-5.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25159
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26660
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200705-03.xml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25106
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2446
Broken Link, Third Party Advisory x_refsource_confirm
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462791/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_15_sr.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26235

Scores

EPSS 0.9045
EPSS Percentile 99.6%

Details

CWE
CWE-22
Status published
Products (3)
apache/http_server
apache/tomcat 5.0.0 - 5.5.22
org.apache.tomcat/tomcat 5.0 - 5.5.22 (Maven)
Published Mar 16, 2007
Tracked Since Feb 18, 2026