CVE-2008-5518

Apache Geronimo Application Server <2.1.3 - Path Traversal

Title source: llm

Description

Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet.

Exploits (1)

exploitdb WRITEUP VERIFIED

by DSecRG · textremotemultiple

https://www.exploit-db.com/exploits/8458

View Code ZIP pw:eip

References (11)

[Exploit] http://dsecrg.com/pages/vul/show.php?id=118

[Patch, Vendor Advisory] http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214

[Patch, Vendor Advisory] http://issues.apache.org/jira/browse/GERONIMO-4597

[Third Party Advisory] http://secunia.com/advisories/34715

[Exploit] http://www.securityfocus.com/bid/34562

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/49898

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/49899

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/49900

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/502733/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8458

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/1089

Scores

EPSS 0.1077

EPSS Percentile 93.4%

Details

CWE

CWE-22

Status published

Products (5)

apache/geronimo 2.1

apache/geronimo 2.1.1

apache/geronimo 2.1.2

apache/geronimo 2.1.3

org.apache.geronimo.plugins/console 2.1.0 - 2.1.4Maven

Published Apr 17, 2009

Tracked Since Feb 18, 2026