CVE-2008-2938

Current Description

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.

Basic Data

PublishedAugust 13, 2008
Last ModifiedMarch 25, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-22
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score4.3
SeverityMEDIUM
Exploitability Score8.6
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationApacheTomcat6.0.0*******
    2.3ApplicationApacheTomcat6.0.1*******
    2.3ApplicationApacheTomcat6.0.2*******
    2.3ApplicationApacheTomcat6.0.3*******
    2.3ApplicationApacheTomcat6.0.4*******
    2.3ApplicationApacheTomcat6.0.5*******
    2.3ApplicationApacheTomcat6.0.6*******
    2.3ApplicationApacheTomcat6.0.7*******
    2.3ApplicationApacheTomcat6.0.8*******
    2.3ApplicationApacheTomcat6.0.9*******
    2.3ApplicationApacheTomcat6.0.10*******
    2.3ApplicationApacheTomcat6.0.11*******
    2.3ApplicationApacheTomcat6.0.12*******
    2.3ApplicationApacheTomcat6.0.13*******
    2.3ApplicationApacheTomcat6.0.14*******
    2.3ApplicationApacheTomcat6.0.15*******
    2.3ApplicationApache Software FoundationTomcat6.0.16*******

Vulnerable Software List

VendorProductVersions
Apache Software Foundation Tomcat 6.0.16
Apache Tomcat 6.0.0, 6.0.1, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9

References

NameSourceURLTags
APPLE-SA-2008-10-09http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlAPPLE
SUSE-SR:2008:018http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlSUSE
SUSE-SR:2009:004http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlSUSE
HPSBUX02401http://marc.info/?l=bugtraq&m=123376588623823&w=2HP
31639http://secunia.com/advisories/31639SECUNIA
31865http://secunia.com/advisories/31865SECUNIA
31891http://secunia.com/advisories/31891SECUNIA
31982http://secunia.com/advisories/31982SECUNIA
32120http://secunia.com/advisories/32120SECUNIA
32222http://secunia.com/advisories/32222SECUNIA
32266http://secunia.com/advisories/32266SECUNIA
33797http://secunia.com/advisories/33797SECUNIA
37297http://secunia.com/advisories/37297SECUNIA
4148http://securityreason.com/securityalert/4148SREASON
http://support.apple.com/kb/HT3216http://support.apple.com/kb/HT3216CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htmhttp://support.avaya.com/elmodocs2/security/ASA-2008-401.htmCONFIRM
http://tomcat.apache.org/security-4.htmlhttp://tomcat.apache.org/security-4.htmlCONFIRM
http://tomcat.apache.org/security-5.htmlhttp://tomcat.apache.org/security-5.htmlCONFIRM
http://tomcat.apache.org/security-6.htmlhttp://tomcat.apache.org/security-6.htmlCONFIRMPATCH
VU#343355http://www.kb.cert.org/vuls/id/343355CERT-VNUS Government Resource
MDVSA-2008:188http://www.mandriva.com/security/advisories?name=MDVSA-2008:188MANDRIVA
RHSA-2008:0648http://www.redhat.com/support/errata/RHSA-2008-0648.htmlREDHAT
RHSA-2008:0862http://www.redhat.com/support/errata/RHSA-2008-0862.htmlREDHAT
RHSA-2008:0864http://www.redhat.com/support/errata/RHSA-2008-0864.htmlREDHAT
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txthttp://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txtMISC
20080811 Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerabilityhttp://www.securityfocus.com/archive/1/495318/100/0/threadedBUGTRAQ
20091107 ToutVirtual VirtualIQ Multiple Vulnerabilitieshttp://www.securityfocus.com/archive/1/507729/100/0/threadedBUGTRAQ
30633http://www.securityfocus.com/bid/30633BID
31681http://www.securityfocus.com/bid/31681BID
1020665http://www.securitytracker.com/id?1020665SECTRACK
ADV-2008-2343http://www.vupen.com/english/advisories/2008/2343VUPEN
ADV-2008-2780http://www.vupen.com/english/advisories/2008/2780VUPEN
ADV-2008-2823http://www.vupen.com/english/advisories/2008/2823VUPEN
ADV-2009-0320http://www.vupen.com/english/advisories/2009/0320VUPEN
tomcat-allowlinking-utf8-directory-traversal(44411)https://exchange.xforce.ibmcloud.com/vulnerabilities/44411XF
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3CdevMLIST
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3CdevMLIST
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3CdeMLIST
oval:org.mitre.oval:def:10587https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587OVAL
6229https://www.exploit-db.com/exploits/6229EXPLOIT-DB
FEDORA-2008-7977https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.htmlFEDORA
FEDORA-2008-8113https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.htmlFEDORA
FEDORA-2008-8130https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.htmlFEDORA