5.8
CVSSv2

CVE-2009-2693

Published: 28/01/2010 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Summary

Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 5.5.27

apache tomcat 5.5.18

apache tomcat 6.0.6

apache tomcat 6.0.11

apache tomcat 5.5.12

apache tomcat 5.5.14

apache tomcat 5.5.10

apache tomcat 5.5.4

apache tomcat 5.5.7

apache tomcat 5.5.1

apache tomcat 6.0.7

apache tomcat 5.5.11

apache tomcat 5.5.28

apache tomcat 6.0.4

apache tomcat 5.5.6

apache tomcat 5.5.26

apache tomcat 5.5.20

apache tomcat 5.5.15

apache tomcat 5.5.5

apache tomcat 6.0.15

apache tomcat 5.5.21

apache tomcat 5.5.22

apache tomcat 6.0.20

apache tomcat 6.0.10

apache tomcat 6.0.3

apache tomcat 6.0.9

apache tomcat 5.5.3

apache tomcat 6.0.17

apache tomcat 6.0

apache tomcat 5.5.9

apache tomcat 5.5.25

apache tomcat 6.0.0

apache tomcat 6.0.14

apache tomcat 5.5.2

apache tomcat 5.5.0

apache tomcat 5.5.13

apache tomcat 6.0.1

apache tomcat 6.0.12

apache tomcat 5.5.24

apache tomcat 6.0.18

apache tomcat 5.5.8

apache tomcat 5.5.16

apache tomcat 6.0.5

apache tomcat 5.5.17

apache tomcat 5.5.19

apache tomcat 6.0.2

apache tomcat 6.0.13

apache tomcat 5.5.23

apache tomcat 6.0.19

apache tomcat 6.0.16

apache tomcat 6.0.8

Vendor Advisories

It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted ...
Synopsis Important: tomcat5 security update Type/Severity Security Advisory: Important Topic Updated tomcat5 packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerab ...
Synopsis Important: tomcat5 security update Type/Severity Security Advisory: Important Topic Updated tomcat5 packages that fix three security issues are now availablefor Red Hat Application Server v2The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerab ...
Synopsis Low: JBoss Enterprise Web Server 101 update Type/Severity Security Advisory: Low Topic JBoss Enterprise Web Server 101 is now available for Red Hat EnterpriseLinux 4 and 5This update has been rated as having low security impact by the Red HatSecurity Response Team Description ...

References

CWE-22http://svn.apache.org/viewvc?rev=892815&view=revhttp://securitytracker.com/id?1023505http://www.vupen.com/english/advisories/2010/0213http://svn.apache.org/viewvc?rev=902650&view=revhttp://secunia.com/advisories/38316http://secunia.com/advisories/38346http://tomcat.apache.org/security-6.htmlhttp://tomcat.apache.org/security-5.htmlhttp://www.securityfocus.com/bid/37944http://secunia.com/advisories/38541http://ubuntu.com/usn/usn-899-1http://secunia.com/advisories/38687http://www.redhat.com/support/errata/RHSA-2010-0119.htmlhttp://support.apple.com/kb/HT4077http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.htmlhttp://secunia.com/advisories/39317http://secunia.com/advisories/40330http://www.vupen.com/english/advisories/2010/1559http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113http://secunia.com/advisories/40813http://www.redhat.com/support/errata/RHSA-2010-0580.htmlhttp://www.vupen.com/english/advisories/2010/1986http://www.redhat.com/support/errata/RHSA-2010-0582.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:176http://www.mandriva.com/security/advisories?name=MDVSA-2010:177http://secunia.com/advisories/43310http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.htmlhttp://www.vmware.com/security/advisories/VMSA-2011-0003.htmlhttp://www.debian.org/security/2011/dsa-2207http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.htmlhttp://lists.opensuse.org/opensuse-updates/2012-12/msg00090.htmlhttp://lists.opensuse.org/opensuse-updates/2013-01/msg00037.htmlhttp://marc.info/?l=bugtraq&m=136485229118404&w=2http://marc.info/?l=bugtraq&m=139344343412337&w=2http://secunia.com/advisories/57126http://marc.info/?l=bugtraq&m=133469267822771&w=2http://marc.info/?l=bugtraq&m=127420533226623&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/55855https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355http://www.securityfocus.com/archive/1/516397/100/0/threadedhttp://www.securityfocus.com/archive/1/509148/100/0/threadedhttps://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3Ehttps://nvd.nist.govhttps://usn.ubuntu.com/899-1/