Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-5461
Description:Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Test IDs: 1.3.6.1.4.1.25623.1.0.60108   1.3.6.1.4.1.25623.1.0.59877   1.3.6.1.4.1.25623.1.0.60102   1.3.6.1.4.1.25623.1.0.60350   1.3.6.1.4.1.25623.1.0.122603  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-5461
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
BugTraq ID: 26070
http://www.securityfocus.com/bid/26070
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Debian Security Information: DSA-1447 (Google Search)
http://www.debian.org/security/2008/dsa-1447
Debian Security Information: DSA-1453 (Google Search)
http://www.debian.org/security/2008/dsa-1453
https://www.exploit-db.com/exploits/4530
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
http://marc.info/?l=full-disclosure&m=119239530508382
http://security.gentoo.org/glsa/glsa-200804-10.xml
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
http://issues.apache.org/jira/browse/GERONIMO-3549
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202
RedHat Security Advisories: RHSA-2008:0042
http://www.redhat.com/support/errata/RHSA-2008-0042.html
RedHat Security Advisories: RHSA-2008:0195
http://www.redhat.com/support/errata/RHSA-2008-0195.html
RedHat Security Advisories: RHSA-2008:0261
http://www.redhat.com/support/errata/RHSA-2008-0261.html
RedHat Security Advisories: RHSA-2008:0630
http://rhn.redhat.com/errata/RHSA-2008-0630.html
RedHat Security Advisories: RHSA-2008:0862
http://www.redhat.com/support/errata/RHSA-2008-0862.html
http://www.securitytracker.com/id?1018864
http://secunia.com/advisories/27398
http://secunia.com/advisories/27446
http://secunia.com/advisories/27481
http://secunia.com/advisories/27727
http://secunia.com/advisories/28317
http://secunia.com/advisories/28361
http://secunia.com/advisories/29242
http://secunia.com/advisories/29313
http://secunia.com/advisories/29711
http://secunia.com/advisories/30676
http://secunia.com/advisories/30802
http://secunia.com/advisories/30899
http://secunia.com/advisories/30908
http://secunia.com/advisories/31493
http://secunia.com/advisories/32120
http://secunia.com/advisories/32222
http://secunia.com/advisories/32266
http://secunia.com/advisories/37460
http://secunia.com/advisories/57126
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
SuSE Security Announcement: SUSE-SR:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://www.vupen.com/english/advisories/2007/3622
http://www.vupen.com/english/advisories/2007/3671
http://www.vupen.com/english/advisories/2007/3674
http://www.vupen.com/english/advisories/2008/1856/references
http://www.vupen.com/english/advisories/2008/1979/references
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2008/2823
http://www.vupen.com/english/advisories/2009/3316
XForce ISS Database: apache-tomcat-webdav-dir-traversal(37243)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243




© 1998-2024 E-Soft Inc. All rights reserved.