Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-1860HistoryMay 25, 2007 - 6:30 p.m.
CVE-2007-1860
2007-05-2518:30:00
Debian Security Bug Tracker
security-tracker.debian.org
19
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.974
Percentile
99.9%
mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded … (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libapache-mod-jk | < 1:1.2.23-1 | libapache-mod-jk_1:1.2.23-1_all.deb |
| Debian | 11 | all | libapache-mod-jk | < 1:1.2.23-1 | libapache-mod-jk_1:1.2.23-1_all.deb |
| Debian | 999 | all | libapache-mod-jk | < 1:1.2.23-1 | libapache-mod-jk_1:1.2.23-1_all.deb |
| Debian | 13 | all | libapache-mod-jk | < 1:1.2.23-1 | libapache-mod-jk_1:1.2.23-1_all.deb |
Related
tomcat
tomcat
Fixed in Apache Tomcat 5.5.22, 5.0.SVN
2007-01-23 00:00:00
Fixed in Apache Tomcat JK Connector 1.2.23
2007-01-23 00:00:00
Fixed in Apache Tomcat 4.1.36
2005-06-30 00:00:00
cve
cve
CVE-2007-1860
2007-05-25 18:30:00
CVE-2007-0450
2007-03-16 22:19:00
ubuntucve
ubuntucve
CVE-2007-1860
2007-05-25 00:00:00
CVE-2007-0450
2007-03-16 00:00:00
nvd
nvd
CVE-2007-1860
2007-05-25 18:30:00
CVE-2007-0450
2007-03-16 22:19:00
securityvulns
securityvulns
Apache Tomcat directory traversal
2007-03-14 00:00:00
SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal
2007-03-14 00:00:00
prion
prion
Directory traversal
2007-05-25 18:30:00
Directory traversal
2007-03-16 22:19:00
cvelist
cvelist
CVE-2007-1860
2007-05-25 18:00:00
CVE-2007-0450
2007-03-16 22:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200708-15 (mod_jk)
2008-09-24 00:00:00
FreeBSD Ports: mod_jk
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200708-15 (mod_jk)
2008-09-24 00:00:00
debian
debian
nessus
nessus
FreeBSD : mod_jk -- information disclosure (d9405748-1342-11dc-a35c-001485ab073e)
2007-06-05 00:00:00
GLSA-200708-15 : Apache mod_jk: Directory traversal
2007-08-21 00:00:00
Debian DSA-1312-1 : libapache-mod-jk - programming error
2007-06-21 00:00:00
gentoo
gentoo
Apache mod_jk: Directory traversal
2007-08-19 00:00:00
Tomcat: Information disclosure
2007-05-01 00:00:00
redhat
redhat
(RHSA-2007:0380) Important: mod_jk security update
2007-05-30 00:00:00
(RHSA-2007:0379) Important: mod_jk security update
2007-05-30 00:00:00
(RHSA-2007:0360) Important: jbossas security update
2007-05-24 00:00:00
freebsd
freebsd
mod_jk -- information disclosure
2007-05-18 00:00:00
tomcat -- multiple vulnerabilities
2007-04-27 00:00:00
github
github
Apache Tomcat Directory Traversal
2022-05-01 17:44:16
veracode
veracode
Directory Traversal
2018-11-13 06:27:26
packetstorm
packetstorm
SA-20070314-0.txt
2007-03-20 00:00:00
exploitdb
exploitdb
Apache Tomcat 5.x/6.0.x - Directory Traversal
2007-03-14 00:00:00
osv
osv
Apache Tomcat Directory Traversal
2022-05-01 17:44:16
hackerone
hackerone
checkpoint_advisories
checkpoint_advisories
Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)
2009-11-01 00:00:00
vmware
vmware
centos
centos
jakarta, tomcat5 security update
2007-05-14 22:49:09
oraclelinux
oraclelinux
Important: tomcat security update
2007-06-26 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.974
Percentile
99.9%
Related for DEBIANCVE:CVE-2007-1860