HTTP: Apache Tomcat allowLinking URIencoding Directory Traversal Vulnerability

This signature detects attempts to exploit a known vulnerability (CVE-2008-2938) against Apache Tomcat. It is due to an input validation error: when a Context is configured with allowLinking="true" and URIencoding="UTF-8", Tomcat's directory-traversal check does not recognise ".." written with overlong UTF-8 byte sequences (for example %c0%ae for "."), and the lenient UTF-8 decoder in the underlying Java runtime later maps those sequences to real dots. A successful attack allows the attacker to read files outside the web application's document root with the privileges of the web server process, which may lead to disclosure of sensitive information.

Extended Description

Multiple Java runtime implementations are prone to this vulnerability because their UTF-8 decoding accepts malformed (overlong) byte sequences instead of rejecting them, so a directory-traversal sequence can pass input validation that inspects only the raw or the canonically decoded URI. Exploiting this issue in Apache Tomcat allows an attacker to view arbitrary local files within the context of the web server process. Information harvested may aid in launching further attacks; other attacks may also be possible.

Exploiting this issue in other applications depends on the individual application. Successful exploits may result in a bypass of intended security filters, with varying security impact. We will update this BID pending further investigation.

UPDATE (December 18, 2008): Reports indicate that this issue may affect additional, unspecified Java Virtual Machine (JVM) implementations distributed by Sun, HP, IBM, Apple, and Apache. We will update this BID as more information becomes available.

UPDATE (January 9, 2009): This BID previously documented an issue in Apache Tomcat. Further reports indicate that the underlying issue is in various Java runtime implementations.
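The following is an added example, not code from the original page, from Tomcat or from any JVM. It shows why the traversal above survives a naive check: a conforming UTF-8 decoder rejects the overlong sequence C0 AE, whereas a lenient decoder (emulated here in lenient_utf8_decode, which is an illustration of the behaviour and not taken from any runtime's source) turns it into ".". The classify function labels a request path the way a detection rule for this signature would, and has_overlong_dot is the cheap wire-level pattern an IDS can match before decoding. The sample paths in SAMPLE_URIS are constructed for the demonstration; the 3-byte overlong form E0 80 AE is included as a generalisation of the same decoding flaw and is not named on this page.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed sample request paths (not from the original page). The fourth one
# carries the overlong UTF-8 form of '..' (%c0%ae%c0%ae) that this signature targets;
# the fifth uses the 3-byte overlong form of '.' (E0 80 AE) as a variant.
SAMPLE_URIS = [
    "/examples/servlets/index.html",
    "/examples/../../../../etc/passwd",
    "/examples/%2e%2e/%2e%2e/%2e%2e/etc/passwd",
    "/examples/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd",
    "/examples/%e0%80%ae%e0%80%ae/etc/passwd",
]

# A '..' path segment, checked on the decoded path.
DOTDOT_SEGMENT = re.compile(r"(?:^|/)\.\.(?:/|$)")


def strict_utf8_decode(raw: bytes):
    """Decode as a conforming UTF-8 decoder does: overlong sequences such as
    C0 AE are rejected, signalled here by returning None."""
    try:
        return raw.decode("utf-8")
    except UnicodeDecodeError:
        return None


def lenient_utf8_decode(raw: bytes) -> str:
    """Emulate a decoder that accepts overlong 2- and 3-byte sequences and maps
    them to the code point they spell (C0 AE -> U+002E '.').  This is an
    illustration of the vulnerable behaviour, not any JVM's actual code.
    Bytes outside those two overlong shapes are passed through as Latin-1,
    which is sufficient for the ASCII paths used here."""
    out = []
    i = 0
    n = len(raw)
    while i < n:
        b = raw[i]
        if b in (0xC0, 0xC1) and i + 1 < n and 0x80 <= raw[i + 1] <= 0xBF:
            # 2-byte overlong form: value = (b & 0x1F) << 6 | (cont & 0x3F)
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        elif (b == 0xE0 and i + 2 < n and 0x80 <= raw[i + 1] <= 0x9F
              and 0x80 <= raw[i + 2] <= 0xBF):
            # 3-byte overlong form (second byte below A0 means overlong)
            out.append(chr(((b & 0x0F) << 12) | ((raw[i + 1] & 0x3F) << 6)
                           | (raw[i + 2] & 0x3F)))
            i += 3
        else:
            out.append(chr(b))
            i += 1
    return "".join(out)


def classify(uri: str) -> str:
    """Label a request path as a detection rule for this signature would:
    'clean', 'traversal' (the '..' is visible to any decoder, so Tomcat's own
    normaliser already rejects it), 'overlong-traversal' (the '..' only appears
    after lenient decoding: the CVE-2008-2938 case) or 'invalid-utf8'."""
    raw = unquote_to_bytes(uri)
    strict = strict_utf8_decode(raw)
    if strict is not None:
        return "traversal" if DOTDOT_SEGMENT.search(strict) else "clean"
    if DOTDOT_SEGMENT.search(lenient_utf8_decode(raw)):
        return "overlong-traversal"
    return "invalid-utf8"


def has_overlong_dot(uri: str) -> bool:
    """Wire-level pre-decode check of the kind an IDS signature performs:
    the percent-encoded overlong forms of '.' in the raw request line."""
    return re.search(r"%c0%ae|%e0%80%ae", uri, re.IGNORECASE) is not None


if __name__ == "__main__":
    for u in SAMPLE_URIS:
        print(f"{classify(u):19} overlong-dot={has_overlong_dot(u)!s:5} {u}")
```

The practical point for a Tomcat operator is that the lenient decoder is only reachable through the combination the title names: leaving allowLinking at its default of false, or not setting URIencoding to UTF-8, removes the precondition even before the runtime is patched. For detection, match the wire form (has_overlong_dot) rather than a decoded path, since the whole problem is that decoders disagree about what those bytes mean.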

Affected Products

Sun JRE (Windows production release)

References

BugTraq: 30633

CVE: CVE-2008-2938

Short Name
HTTP:TOMCAT:URL-ENC-DIRTRAV
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2008-2938 Directory Tomcat Traversal URIencoding Vulnerability allowLinking bid:30633
Release Date
12/21/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3339
False Positive
Unknown
Vendors

Apache Software Foundation

Red Hat

SUSE

Apple

Sun

OpenJDK

Avaya

Oracle

WiKID Systems

Fujitsu

Mandriva

Novell

CVSS Score

4.3
