9 lines
No EOL
563 B
Text
9 lines
No EOL
563 B
Text
source: http://www.securityfocus.com/bid/22960/info
|
|
|
|
Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
|
|
|
|
Exploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could help the attacker launch further attacks.
|
|
|
|
Versions in the 5.0 series prior to 5.5.22 and in the 6.0 series prior to 6.0.10 are vulnerable.
|
|
|
|
http://www.example.com/foo/\../manager/html |