Users of tomcat5 please be advised of a Directory Traversal vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MDVSA-2010:177: [MDVSA-2010:177] tomcat5 Directory Traversal
Problem Description:
Multiple vulnerabilities has been found and corrected in tomcat5:
Directory traversal vulnerability in Apache Tomcat 5.5.0 through
5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or
overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file,
as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/bbnAzb
No comments:
Post a Comment