CVE-2007-5461

CVSS V2 Low 3.5 CVSS V3 None
Description
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Overview
  • CVE ID
  • CVE-2007-5461
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2007-10-15T18:17:00
  • Last Modified Date
  • 2019-03-25T11:29:51
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:S/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • SINGLE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 3.5
  • Severity
  • LOW
  • Exploitability Score
  • 6.8
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://marc.info/?l=full-disclosure&m=119239530508382 Exploit
http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
http://issues.apache.org/jira/browse/GERONIMO-3549
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
http://www-1.ibm.com/support/docview.wss?uid=swg21286112
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
http://www.securityfocus.com/bid/26070
http://www.securitytracker.com/id?1018864
http://secunia.com/advisories/27398
http://secunia.com/advisories/27446
http://secunia.com/advisories/27481
http://secunia.com/advisories/27727
http://www.debian.org/security/2008/dsa-1447
http://www.debian.org/security/2008/dsa-1453
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
http://secunia.com/advisories/28317
http://secunia.com/advisories/28361
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/29242
http://www.redhat.com/support/errata/RHSA-2008-0042.html
http://secunia.com/advisories/29313
http://security.gentoo.org/glsa/glsa-200804-10.xml
http://secunia.com/advisories/29711
http://www.redhat.com/support/errata/RHSA-2008-0195.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
http://secunia.com/advisories/30676
http://secunia.com/advisories/30802
http://secunia.com/advisories/31493
http://support.apple.com/kb/HT2163
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/30899
http://secunia.com/advisories/30908
http://www.redhat.com/support/errata/RHSA-2008-0862.html
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://www.securityfocus.com/bid/31681
http://support.apple.com/kb/HT3216
http://secunia.com/advisories/32222
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
http://secunia.com/advisories/32120
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://secunia.com/advisories/32266
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
http://secunia.com/advisories/37460
http://www.vupen.com/english/advisories/2007/3674
http://www.vupen.com/english/advisories/2007/3671
http://www.vupen.com/english/advisories/2008/1979/references
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2008/1856/references
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2007/3622
http://www.vupen.com/english/advisories/2008/2823
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://secunia.com/advisories/57126
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
https://www.exploit-db.com/exploits/4530
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202
http://www.securityfocus.com/archive/1/507985/100/0/threaded
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
History
Created Old Value New Value Data Type Notes
2022-05-10 17:45:52 Added to TrackCVE