Create an account

Subscribe to LWN

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Weekly edition	Kernel	Security	Distributions	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ

tomcat: directory traversal

Package(s):

tomcat

CVE #(s):

CVE-2007-0450

Created:

May 2, 2007

Updated:

February 27, 2008

Description:

Versions of tomcat prior to 5.5.22 do not properly filter filename separator characters, enabling information disclosure attacks.

Alerts:

SuSE	SUSE-SR:2007:015	2007-08-03
Mandriva	MDKSA-2007:241	2007-12-10
Red Hat	RHSA-2007:0360-01	2007-05-24
Red Hat	RHSA-2007:0328-01	2007-05-24
Fedora	FEDORA-2007-514	2007-05-21
Red Hat	RHSA-2007:0326-01	2007-05-21
Red Hat	RHSA-2007:0327-01	2007-05-14
Gentoo	200705-03	2007-05-01

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds