HomePentest-Tools.com Logo

Apache Tomcat UTF-8 Directory Traversal Vulnerability - Active Check CVE-2008-2938

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Apache Tomcat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Risk description

Originally reported as a Tomcat vulnerability the root cause of this issue is that the JVM does not correctly decode UTF-8 encoded URLs to UTF-8. This exposes a directory traversal vulnerability when the connector uses URIEncoding=UTF-8. This directory traversal is limited to the docBase of the web application. If a context is configured with allowLinking=true then the directory traversal vulnerability is extended to the entire file system of the host server. It should also be noted that setting useBodyEncodingForURI=true has the same effect as setting URIEncoding=UTF-8 when processing requests with bodies encoded with UTF-8. Although the root cause was quickly identified as a JVM issue and that it affected multiple JVMs from multiple vendors, it was decided to report this as a Tomcat vulnerability until such time as the JVM vendors provided updates to resolve this issue. For further information on the status of this issue for your JVM, contact your JVM vendor. A remote attacker could exploit this vulnerability using directory-traversal strings (such as ../) to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.

Recommendation

Update Apache Tomcat to version 4.1.39, 5.5.27 or 6.0.18 or later which includes a workaround that protects against this and any similar character encoding issues that may still exist in the JVM.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 13, 2008
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available