Tomcat UTF-8 Directory Traversal Vulnerability
Disclosed | Created |
---|---|
2009-01-09 | 2018-05-30 |
Description
This module tests whether a directory traversal vulnerability is present
in Apache Tomcat versions 4.1.0 - 4.1.37, 5.5.0 - 5.5.26 and 6.0.0 - 6.0.16
under specific, non-default installations. The connector must have
allowLinking set to true and URIEncoding set to UTF-8. Furthermore, the
vulnerability actually occurs within Java and not Tomcat; the server must
use a Java version prior to Sun 1.4.2_19, 1.5.0_17 or 6u11, or prior to the
IBM Java 5.0 SR9, 1.4.2 SR13 or SE 6 SR4 releases. This module has only been
tested against RedHat 9 running Tomcat 6.0.16 and Sun JRE 1.5.0-05. You may
wish to change FILE (hosts, sensitive files), MAXDIRS and RPORT depending on
your environment.
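The Tomcat-side preconditions in the description can be audited from the defender's side. The following Python is an added example, not code from the module: it matches a Tomcat version against the listed ranges and scans a server.xml-style file for allowLinking="true" and URIEncoding="UTF-8" on any element. The function names and sample configs are constructed for illustration, and the JRE version is not checked.

```python
import re
import xml.etree.ElementTree as ET

# Affected Tomcat ranges as listed in the module description (inclusive).
AFFECTED = [((4, 1, 0), (4, 1, 37)), ((5, 5, 0), (5, 5, 26)), ((6, 0, 0), (6, 0, 16))]

def version_affected(version):
    """True if a Tomcat version string such as '6.0.16' is in a listed range."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError("unrecognised version: %r" % version)
    v = tuple(int(x) for x in m.groups())
    return any(lo <= v <= hi for lo, hi in AFFECTED)

def risky_settings(config_xml):
    """Return (allow_linking, utf8_uri) found on any element of the config."""
    root = ET.fromstring(config_xml)
    allow_linking = utf8_uri = False
    for el in root.iter():
        if el.get("allowLinking", "").strip().lower() == "true":
            allow_linking = True
        # Accept both "UTF-8" and "UTF8" spellings, case-insensitively.
        if el.get("URIEncoding", "").strip().lower().replace("-", "") == "utf8":
            utf8_uri = True
    return allow_linking, utf8_uri

def exposed(version, config_xml):
    """All Tomcat-side preconditions from the description hold (JRE not checked)."""
    return version_affected(version) and all(risky_settings(config_xml))

# Constructed sample configs, not taken from any real host.
RISKY = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"/>
  <Engine name="Catalina" defaultHost="localhost"><Host name="localhost">
    <Context path="" docBase="ROOT" allowLinking="true"/>
  </Host></Engine></Service></Server>"""
DEFAULT = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Engine name="Catalina" defaultHost="localhost"><Host name="localhost">
    <Context path="" docBase="ROOT"/>
  </Host></Engine></Service></Server>"""

if __name__ == "__main__":
    for name, cfg in (("risky", RISKY), ("default", DEFAULT)):
        print(name, risky_settings(cfg), exposed("6.0.16", cfg))
```

A host flagged by `exposed` still needs its Java runtime compared against the fixed releases named in the description before it is treated as vulnerable.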
Authors
aushack patrick@osisecurity.com.au
guerrino ruggine di massa
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
