CVE-2008-2938

The repository contains descriptions and references for multiple CVEs, including CVE-2014-2064, but lacks executable exploit code for the specified CVE. It includes detailed explanations and references for vulnerabilities in Tomcat, Spring, and Jenkins.

This Metasploit module exploits a directory traversal vulnerability in Trend Micro DLP Appliance v5.5 build <= 1294, leveraging the Tomcat UTF-8 bug (CVE-2008-2938) to access sensitive files. It tests for the vulnerability by attempting to traverse directories and read files listed in a wordlist.

This exploit demonstrates a directory traversal vulnerability in Apache Tomcat prior to 6.0.18. By crafting a specific URL with UTF-8 encoded sequences, an attacker can access arbitrary files on the system.

This exploit targets a directory traversal vulnerability in Apache Tomcat versions prior to 6.0.18 by sending a malformed UTF-8 encoded HTTP GET request to retrieve the contents of /etc/passwd. The code checks for the presence of 'root:x' to confirm successful exploitation.

This Metasploit module exploits a directory traversal vulnerability in Apache Tomcat (CVE-2008-2938) by sending UTF-8 encoded traversal sequences to access sensitive files. It tests for the vulnerability under specific configurations where allowLinking and URIEncoding are set in a non-default manner.