Home > Vulnerability Database > CVE-2007-5461

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-5461

Date: October 15, 2007

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

Severity Score

3.1

Related Resources (86)

Url: http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/37243

Url: http://secunia.com/advisories/27481

Url: http://secunia.com/advisories/30899

Url: http://support.apple.com/kb/HT2163

Url: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

Url: https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

Url: https://github.com/apache/tomcat

Url: http://www.securityfocus.com/bid/26070

Url: http://support.apple.com/kb/HT3216

Url: http://www.vmware.com/security/advisories/VMSA-2008-0010.html

Url: http://issues.apache.org/jira/browse/GERONIMO-3549

Url: https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

Url: http://secunia.com/advisories/27398

Url: http://security.gentoo.org/glsa/glsa-200804-10.xml

Url: https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Url: http://secunia.com/advisories/32222

Url: http://secunia.com/advisories/32266

Url: https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d

Url: http://www.redhat.com/support/errata/RHSA-2008-0862.html

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

Url: http://secunia.com/advisories/31493

Url: http://www.vupen.com/english/advisories/2008/2823

Url: https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E

Url: http://www.vupen.com/english/advisories/2007/3671

Url: http://www.vmware.com/security/advisories/VMSA-2009-0016.html

Url: https://access.redhat.com/security/cve/CVE-2007-5461

Url: http://www.vupen.com/english/advisories/2007/3674

Url: https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c

Url: http://www.securityfocus.com/bid/31681

Url: http://secunia.com/advisories/27727

Url: http://rhn.redhat.com/errata/RHSA-2008-0630.html

Url: https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Url: https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

Url: http://www.vupen.com/english/advisories/2008/1856/references

Url: http://www.debian.org/security/2008/dsa-1453

Url: https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

Url: http://secunia.com/advisories/30802

Url: http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-5461

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:241

Url: http://secunia.com/advisories/27446

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:136

Url: http://www.redhat.com/support/errata/RHSA-2008-0195.html

Url: http://secunia.com/advisories/29242

Url: http://www.redhat.com/support/errata/RHSA-2008-0042.html

Url: http://www.vupen.com/english/advisories/2009/3316

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm

Url: https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Url: http://tomcat.apache.org/security-5.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

Url: http://www.securitytracker.com/id?1018864

Url: http://secunia.com/advisories/30676

Url: http://www.vupen.com/english/advisories/2008/1979/references

Url: http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

Url: http://www.vupen.com/english/advisories/2007/3622

Url: http://marc.info/?l=full-disclosure&m=119239530508382

Url: http://marc.info/?l=bugtraq&m=139344343412337&w=2

Url: http://www.debian.org/security/2008/dsa-1447

Url: https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

Url: http://www.vupen.com/english/advisories/2008/1981/references

Url: https://www.exploit-db.com/exploits/4530

Url: http://secunia.com/advisories/29711

Url: https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

Url: http://tomcat.apache.org/security-4.html

Url: http://secunia.com/advisories/29313

Url: https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Url: http://www.vupen.com/english/advisories/2008/2780

Url: http://secunia.com/advisories/28361

Url: http://www-1.ibm.com/support/docview.wss?uid=swg21286112

Url: http://secunia.com/advisories/57126

Url: http://secunia.com/advisories/32120

Url: http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

Url: http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705%40apache.org%3E

Url: https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

Url: http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

Url: http://www.securityfocus.com/archive/1/507985/100/0/threaded

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202

Url: http://secunia.com/advisories/37460

Url: http://tomcat.apache.org/security-6.html

Url: https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

Url: http://secunia.com/advisories/28317

Url: https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E

Url: http://www.redhat.com/support/errata/RHSA-2008-0261.html

Url: http://secunia.com/advisories/30908

Url: https://www.mend.io/vulnerability-database/CVE-2007-5461

Severity Score

3.1

Weakness Type (CWE)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-22

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	3.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	SINGLE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us