CERT-In Vulnerability Note CIVN-2008-135
Apache Tomcat "UTF-8" Remote Directory Traversal Vulnerability
Original Issue Date:
August 25, 2008
Severity Rating:
Medium
Systems Affected
- Apache Tomcat 4.1.0 to 4.1.37
- Apache Tomcat 5.5.0 to 5.5.26
- Apache Tomcat 6.0.0 to 6.0.16
Overview
A vulnerability has been reported in Apache Tomcat that can be exploited by a remote attacker to conduct directory traversal attacks and read arbitrary files on the target system that are accessible to the Tomcat process.
Description
The vulnerability is caused by insufficient validation of the request URI. Tomcat's UTF-8 decoder accepted malformed "overlong" byte sequences (for example %C0%AE, a two-byte encoding of the single character "."), so ".." components hidden behind such sequences were not recognised by the directory traversal checks applied to the URI. The flaw is exploitable only when both of the following hold: a Context is configured with allowLinking="true" (which disables the canonical-path check that would otherwise keep the resolved file inside the web application's document base), and the Connector is configured with URIEncoding="UTF-8" (so the overlong sequences are decoded as UTF-8; the default encoding for these versions is ISO-8859-1, under which they are not). A remote attacker can then send encoded directory traversal sequences in the URI and read arbitrary files on the target system.
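The decoding flaw described above, as an added example that is not part of this note or of Tomcat's source: a toy percent-decoder that accepts overlong two-byte UTF-8 forms, as a permissive decoder would, placed beside a strict one. In the vulnerable variant the ".." check runs on the still-encoded URI and no canonical-path check follows (the allowLinking="true" situation); in the fixed variant the URI is decoded strictly first and the normalised path is confirmed to lie under the document base. The document base path and the request URIs are constructed for the example.

```python
# Added example (not from the CERT-In note or Tomcat): lenient vs. strict UTF-8
# decoding of a request URI, and why a ".." check on the encoded form is bypassed.
import posixpath
from urllib.parse import unquote_to_bytes

DOC_BASE = "/opt/tomcat/webapps/ROOT"  # assumed docBase for the example


def lenient_utf8_decode(raw: bytes) -> str:
    """Toy decoder (hypothetical) that, like a permissive decoder, accepts overlong
    two-byte forms: C0 AE is mapped to U+002E '.' instead of being rejected.
    Only ASCII and two-byte sequences are handled; anything else becomes U+FFFD."""
    out, i = [], 0
    while i < len(raw):
        b = raw[i]
        if b < 0x80:
            out.append(chr(b))
            i += 1
        elif 0xC0 <= b < 0xE0 and i + 1 < len(raw) and 0x80 <= raw[i + 1] < 0xC0:
            # No check that the code point actually needed two bytes,
            # so the overlong form C0 AE becomes '.'
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append("\ufffd")
            i += 1
    return "".join(out)


def resolve_vulnerable(uri: str):
    """Traversal check on the encoded URI, then lenient decode: the hidden '..'
    survives the filter and the path walks out of DOC_BASE (no canonical-path
    check, as when allowLinking="true")."""
    if ".." in uri:
        return None                                  # plain "../" is caught ...
    decoded = lenient_utf8_decode(unquote_to_bytes(uri))
    return posixpath.normpath(DOC_BASE + decoded)    # ... but %c0%ae%c0%ae is not


def resolve_fixed(uri: str):
    """Strict decode (Python's codec rejects overlong forms), normalise the decoded
    path, and confirm the result is still under DOC_BASE."""
    try:
        decoded = unquote_to_bytes(uri).decode("utf-8")
    except UnicodeDecodeError:
        return None                                  # malformed UTF-8: reject
    target = posixpath.normpath(posixpath.join(DOC_BASE, decoded.lstrip("/")))
    if target != DOC_BASE and not target.startswith(DOC_BASE + "/"):
        return None                                  # escaped the docBase: reject
    return target


# Constructed request URIs: ATTACK_URI is the overlong form of PLAIN_URI
ATTACK_URI = "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
PLAIN_URI = "/../../../../etc/passwd"
BENIGN_URI = "/index.jsp"

if __name__ == "__main__":
    for uri in (BENIGN_URI, PLAIN_URI, ATTACK_URI):
        print(uri)
        print("  vulnerable ->", resolve_vulnerable(uri))
        print("  fixed      ->", resolve_fixed(uri))
```

The lesson generalises beyond Tomcat: decode and canonicalise first, validate last, and treat any byte sequence the strict decoder rejects as a hard error rather than something to repair.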
Solutions
- For Apache Tomcat 4.1.x, the fix had been committed to the 4.1 branch of the project's source repository ("Apache Tomcat 4.1.SVN"); a 4.1.x release containing it had not been published when this note was issued
- For Apache Tomcat 5.5.x, the fix had likewise been committed to the 5.5 branch ("Apache Tomcat 5.5.SVN")
- Users of Apache Tomcat 6.0.x should upgrade to Apache Tomcat 6.0.18
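The solutions above are upgrades. Until one is applied, the note's own description implies that removing either precondition (allowLinking="true" on a Context, or URIEncoding="UTF-8" on the Connector) removes the exposure. The following is an added example, not part of this note or of Tomcat, that audits the two places these attributes live (server.xml and context.xml, here as constructed inline strings) for the risky combination, and rewrites allowLinking to false where it is set. Changing URIEncoding instead is also possible but breaks applications that rely on UTF-8 request URIs, so the script leaves the Connector alone.

```python
# Added example (not from the CERT-In note or Tomcat): audit Tomcat XML config for the
# allowLinking="true" + URIEncoding="UTF-8" combination this note describes.
import xml.etree.ElementTree as ET

# Constructed sample configuration, modelled on a Tomcat 6.0.x layout.
SERVER_XML = """\
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"/>
    <Connector port="8009" protocol="AJP/1.3"/>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps">
        <Context path="/legacy" docBase="legacy" allowLinking="true"/>
      </Host>
    </Engine>
  </Service>
</Server>
"""
CONTEXT_XML = """\
<Context allowLinking="true">
  <WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>
"""


def utf8_connectors(server_xml: str) -> list:
    """Ports of Connectors whose URIEncoding is UTF-8. Charset names are
    case-insensitive; when the attribute is absent the default is ISO-8859-1."""
    root = ET.fromstring(server_xml)
    return [c.get("port") for c in root.iter("Connector")
            if (c.get("URIEncoding") or "").upper().replace("-", "") == "UTF8"]


def linking_contexts(*xml_docs: str) -> list:
    """Labels of Context elements with allowLinking="true" (the default is false).
    A bare <Context> root, as in conf/context.xml, applies to every web app."""
    hits = []
    for doc in xml_docs:
        for ctx in ET.fromstring(doc).iter("Context"):
            if (ctx.get("allowLinking") or "false").lower() == "true":
                hits.append(ctx.get("path") or ctx.get("docBase") or "(default context.xml)")
    return hits


def audit(server_xml: str, *context_docs: str) -> dict:
    """Exposed only when both preconditions from the note are present."""
    conns = utf8_connectors(server_xml)
    ctxs = linking_contexts(server_xml, *context_docs)
    return {"utf8_connectors": conns, "linking_contexts": ctxs,
            "exposed": bool(conns) and bool(ctxs)}


def disable_linking(xml_doc: str) -> str:
    """Return the document with allowLinking forced to false on every Context
    that sets it; Contexts without the attribute already default to false."""
    root = ET.fromstring(xml_doc)
    for ctx in root.iter("Context"):
        if ctx.get("allowLinking") is not None:
            ctx.set("allowLinking", "false")
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print("before:", audit(SERVER_XML, CONTEXT_XML))
    print("after: ", audit(disable_linking(SERVER_XML), disable_linking(CONTEXT_XML)))
```

Run the audit against the real conf/server.xml, conf/context.xml and any per-application META-INF/context.xml files; a Context that sets allowLinking in the application archive is reported by this script only if its file is passed in.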
Vendor Information
Apache Tomcat
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
References
US-CERT
http://www.kb.cert.org/vuls/id/343355
FrSIRT
http://www.frsirt.com/english/advisories/2008/2343
SecurityFocus
http://www.securityfocus.com/bid/30633
Juniper Networks
http://www.juniper.net/security/auto/vulnerabilities/vuln30633.html
CVE Name
CVE-2008-2938
CWE Name
CWE-22
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003