US-CERT warns of Tomcat vulnerability
The US-CERT warns of a directory traversal issue in Apache Tomcat which could allow access to arbitrary files on the server. The Apache Foundation have released updates to address this vulnerability. Apache Tomcat is a Java web server, designed for hosting Java servlets and JavaServer Pages.
The recently released 6.0.18 addresses the directory traversal issue, whilst also fixing other vulnerabilities including two cross-site scripting flaws and an information disclosure issue.
The developers explained that if a context is configured with allowLinking="true" and the connector is configured with URIEncoding="UTF8", then a malformed request may give access to arbitrary files on the server.
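A defender-side check for the setting combination just described, added here as an example (not code from the article or from the Tomcat project): it parses a server.xml and a context.xml and reports any context with allowLinking="true" served by a connector whose URIEncoding is UTF-8. The file layout and the sample XML are assumptions, and "UTF-8" is treated as equivalent to "UTF8" because Java aliases the two charset names.

```python
"""Flag Tomcat contexts exposed by allowLinking + UTF-8 URI decoding.

Added example, not Tomcat project code. Assumes the usual layout:
<Connector> elements in server.xml, <Context> elements in context.xml
(or server.xml). The XML below is constructed sample input.
"""
import xml.etree.ElementTree as ET

# Java treats "UTF8" and "UTF-8" as the same charset, so match both.
UTF8_ALIASES = {"utf8", "utf-8"}

SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF8"/>
  <Connector port="8009" protocol="AJP/1.3"/>
  <Engine name="Catalina" defaultHost="localhost">
    <Host name="localhost" appBase="webapps"/>
  </Engine>
</Service></Server>"""

CONTEXT_XML = '<Context path="/app" docBase="app" allowLinking="true"/>'
HARDENED_CONTEXT_XML = '<Context path="/app" docBase="app" allowLinking="false"/>'


def utf8_connectors(server_xml: str) -> list:
    """Ports of connectors whose URIEncoding is UTF-8 (any alias)."""
    root = ET.fromstring(server_xml)
    return [
        c.get("port", "?")
        for c in root.iter("Connector")
        if (c.get("URIEncoding") or "").lower() in UTF8_ALIASES
    ]


def linking_contexts(config_xml: str) -> list:
    """Paths of contexts that set allowLinking="true"."""
    root = ET.fromstring(config_xml)  # iter() includes the root itself
    return [
        c.get("path", "/")
        for c in root.iter("Context")
        if (c.get("allowLinking") or "").lower() == "true"
    ]


def at_risk(server_xml: str, context_xml: str) -> list:
    """(port, context path) pairs where both weak settings coincide."""
    ports = utf8_connectors(server_xml)
    return [(p, ctx) for ctx in linking_contexts(context_xml) for p in ports]


if __name__ == "__main__":
    print("at risk:", at_risk(SERVER_XML, CONTEXT_XML))
    print("hardened:", at_risk(SERVER_XML, HARDENED_CONTEXT_XML))
```

Fixing the configuration only narrows exposure; the upgrade the article lists is the actual remediation.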
The directory traversal problem affects Tomcat 4.1, 5 and 6. Users of Tomcat 4.1.0 to 4.1.37 should upgrade to 4.1.38. Tomcat 5.5.0 to 5.5.26 users should move to 5.5.27 and Tomcat 6.0.0 to 6.0.16 users should update to 6.0.18.
The US-CERT says that it is aware of publicly available exploit code for the vulnerability.
See also:
- Apache Tomcat UTF8 Directory Traversal Vulnerability - US-CERT security note
- Apache Tomcat 6.x vulnerabilities
(djwm)