CVE-2008-2370

Apache Tomcat < 4.1.38 - Path Traversal

Description

Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Stefano Di Paola · text · remote · multiple
https://www.exploit-db.com/exploits/32137

Scores

EPSS 0.8922
EPSS Percentile 99.5%

Details

CWE CWE-22
Status published
Products (50)
apache/tomcat 4.1.0
apache/tomcat 4.1.1
apache/tomcat 4.1.2
apache/tomcat 4.1.3
apache/tomcat 4.1.4
apache/tomcat 4.1.5
apache/tomcat 4.1.6
apache/tomcat 4.1.7
apache/tomcat 4.1.8
apache/tomcat 4.1.9
... and 40 more
Published Aug 04, 2008
Tracked Since Feb 18, 2026