HomePentest-Tools.com Logo

Apache Struts Security Update (S2-004) - Active Check CVE-2008-6505

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Apache Struts is prone to a directory traversal vulnerability.

Risk description

Input validation error within the user supplied request URI while read arbitrary files via ../ with a /struts/ path which is related to FilterDispatcher and DefaultStaticContentLoader. Successful exploitation will let an attacker launch a directory traversal attack and gain sensitive information about the remote system directory contents.

Recommendation

Update to version 2.0.12, 2.1.6 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 23, 2009
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available