10 lines
567 B
Text
Executable file
10 lines
567 B
Text
Executable file
source: http://www.securityfocus.com/bid/22960/info
|
|
|
|
Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
|
|
|
|
Exploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could help the attacker launch further attacks.
|
|
|
|
Versions in the 5.0 series prior to 5.5.22 and in the 6.0 series prior to 6.0.10 are vulnerable.
|
|
|
|
http://www.example.com/foo/\../manager/html
|
|
|