ID

VAR-200808-0154


CVE

CVE-2008-2938


TITLE

Apache Tomcat UTF8 Directory Traversal Vulnerability

Trust: 0.8

sources: CERT/CC: VU#343355

DESCRIPTION

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Multiple Java runtime implementations are prone to a vulnerability because the applications fail to sufficiently sanitize user-supplied input. Exploiting this issue in Apache Tomcat will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks. Other attacks may also be possible. Exploiting this issue in other applications will depend on the individual application. Successful exploits may result in a bypass of intended security filters. This may have various security impacts. We will update this BID pending further investigation. UPDATE (December, 18, 2008): Reports indicate that this issue may affect additional, unspecified Java Virtual Machine (JVM) implementations distributed by Sun, HP, IBM, Apple, and Apache. We will update this BID as more information becomes available. UPDATE (January 9, 2009): This BID previously documented an issue in Apache Tomcat. Further reports indicate that the underlying issue is in various Java runtime implementations. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01650939 Version: 1 HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2009-02-02 Last Updated: 2009-02-02 Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite. HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier HP-UX B.11.11 running Apache-based Web Server v2.2.8.01.01 or earlier BACKGROUND CVSS 2.0 Base Metrics =============================================== Reference Base Vector Base Score CVE-2007-6420 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1232 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1947 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2364 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2370 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2938 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-3658 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. RESOLUTION HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location: URL: http://software.hp.com Note: HP-UX Web Server Suite v.3.02 contains HP-UX Apache-based Web Server v.2.2.8.01.02 and HP-UX Tomcat-based Servlet Engine 5.5.27.01.01 HP-UX Release - B.11.23 and B.11.31 PA-32 Apache Depot name - HPUXWSATW-B302-32.depot HP-UX Release - B.11.23 and B.11.31 IA-64 Apache Depot name - HPUXWSATW-B302-64.depot HP-UX Release - B.11.11 PA-32 Apache Depot name - HPUXWSATW-B222-1111.depot MANUAL ACTIONS: Yes - Update Install Apache-based Web Server or Tomcat-based Servelet Engine from the Apache Web Server Suite v3.02 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY hpuxwsTOMCAT.TOMCAT hpuxwsWEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com HP-UX B.11.23 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com HP-UX B.11.31 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 2 February 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." \xa9Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBSYhX8+AfOvwtKn1ZEQJxcACeJa8lt5TkhV5qnaGRTaBh4kqHutgAoJbH XCe08aGCzEZj/q4n91JQnhq6 =XImF -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-2938: Apache Tomcat information disclosure vulnerability - Update 2 Severity: Important Vendor: Multiple (was The Apache Software Foundation) Versions Affected: Various Description (new information): This vulnerability was originally reported to the Apache Software Foundation as a Tomcat vulnerability. Investigations quickly identified that the root cause was an issue with the UTF-8 charset implementation within the JVM. It was decided to continue to report this as a Tomcat vulnerability until such time as the JVM vendors had released fixed versions. Unfortunately, the release of fixed JVMs and associated vulnerability disclosure has not been co-ordinated. There has been some confusion within the user community as to the nature and root cause of CVE-2008-2938. Mitigation: Contact your JVM vendor for further information. Tomcat users may upgrade as follows to a Tomcat version that contains a workaround: 6.0.x users should upgrade to 6.0.18 5.5.x users should upgrade to 5.5.27 4.1.x users should upgrade to 4.1.39 Credit: This additional information was discovered by the Apache security team. This release updates Tomcat to 5.5.27 which patches several security vulnerabilities. Affected Products ================= The WiKID Strong Authentication Server - Enterprise Edition The WiKID Strong Authentication Server - Community Edition References ========== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 Mitigation ========== Commercial users may download the most recent RPMs from the website: http://www.wikidsystems.com/downloads/ Users of the open source community version may download packages from Sourceforge: https://sourceforge.net/project/showfiles.php?group_id=144774 - -- Nick Owen WiKID Systems, Inc. 404-962-8983 (desk) http://www.wikidsystems.com Two-factor authentication, without the hassle factor. A cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers (CVE-2008-1232). A cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter (CVE-2008-1947). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 56ca5eb3e331c6675634a5e3f3c5afd7 2008.0/i586/tomcat5-5.5.23-9.2.10.2mdv2008.0.i586.rpm a1c688654decf045f80fb6d8978c73fa 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 2b7a97313ece05bbd5596045853cfca0 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm e8384332efad0e2317a646241bece6ee 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.i586.rpm a30cc8061f55f2613c517574263cdd21 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 4f4a12c8479f27c7f9ed877f5821afa3 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm ced904c459478c1123ed5da41dddbd7f 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 183e045a9b44747c7a4adaec5c860441 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm 78af5a5788ac359a99a24f03a39c7b94 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm 8e8569bfab5abef912299b9b751e49e9 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 6899c327906423cdd02b930221c2496e 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: c4d1c4471c29d8cd34adb9f2002ef294 2008.0/x86_64/tomcat5-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2caf09173a64a378636496196d99756f 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm d6a9a290638267a1117a55041986d31a 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2eead87d72af58ddc9e934b55e49a1aa 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 0fab26f89e83c882c5948a430bf82c8b 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 833334424b555a77e2a9951b71ed8fa3 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 115561d6233c3890cf3b85a7599ed03b 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm eccf76ede6fb9256a2b52c861a9b0bb3 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm cd9df1a8a1a5cb3216221bdefdfe8476 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm f7440a4111ec2fd30fa32e4bd74a0a20 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 1464eb297888c4df98d8b7eabe7f0197 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm Mandriva Linux 2008.1: 594abdc70bc430657eb831520926c73f 2008.1/i586/tomcat5-5.5.25-1.2.1.1mdv2008.1.i586.rpm bdec2b83b4fdb4d10a01a65fbdac512d 2008.1/i586/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3dbc007722996d1c36f31642f80b5c2a 2008.1/i586/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 04b23d162d13f84d1d8707646ea9148c 2008.1/i586/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.i586.rpm 602bf7d4ff261e8af20d50b9e76634bb 2008.1/i586/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.i586.rpm 0066e7519a2d3478f0a3e70bd95a7e5b 2008.1/i586/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 1ba4743762cfa4594a27f0393de47823 2008.1/i586/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 262f2a39b800562cef36d724ce3efa35 2008.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm b9f2af35a734d0e3a2d9bfe292aaced1 2008.1/i586/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 8307ef374c5b995feac394b6f27474d5 2008.1/i586/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3f4692170c35f992defcb4111a8133cd 2008.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 02b9d28af879b825754eff6199bf1788 2008.1/i586/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 6b1e03e5206eb262970198dccba7d0a3 2008.1/x86_64/tomcat5-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 930cf38058a0f8902e2741c6512e0aa0 2008.1/x86_64/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm c527521cb93bab31df3f91422faf02a6 2008.1/x86_64/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm f8bef98047ef956c8e4c0f877155e1f1 2008.1/x86_64/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 97a8a59178259d26838ce20c176c459a 2008.1/x86_64/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 3bb885debc8576bd305c9fa4c9d25bfb 2008.1/x86_64/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 66dcf08e163fdaaf81992a7d25d84a20 2008.1/x86_64/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm dd92aab81bf4c75ab30b9b82153b24c0 2008.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 517ed776282d089dd84f81d47104f660 2008.1/x86_64/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 83d4bb973b7fec461e812d74541a5949 2008.1/x86_64/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbdd58e1c9e1e8f0089af055abbd85e0 2008.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbee0f1f720269f77a66e30709ecd7ae 2008.1/x86_64/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIwYsKmqjQ0CJFipgRApJjAKCVZ1XtEGoADQcp8l/m1ECSRstnjACg4qE8 j+sCdAEJN0CXvurmFcjUvNU= =+kFf -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15895 VERIFY ADVISORY: http://secunia.com/advisories/15895/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/ DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. http://sourceforge.net/project/showfiles.php?group_id=66479 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . In these configurations arbitrary files in the docBase for an application, including files such as web.xml, may be disclosed. Secure Network - Security Research Advisory Vuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities Systems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882 Systems not affected: -- Severity: High Local/Remote: Remote Vendor URL: http://www.toutvirtual.com Author(s): Alberto Trivero (a.trivero@securenetwork.it) Claudio Criscione (c.criscione@securenetwork.it) Vendor disclosure: 02/07/2009 Vendor acknowledged: 16/07/2009 Vendor patch release: notified us on 06/11/2009 Public disclosure: 07/11/2009 Advisory number: SN-2009-02 Advisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt *** SUMMARY *** ToutVirtual's VirtualIQ Pro is specifically designed for IT administrators responsible for managing virtual platforms. VirtualIQ Pro provides Visibility, Analytics and policy-based Optimization - all from one single console. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type II hypervisors. VirtualIQ Pro can be used to visualize, analyze and optimize your choice of virtualization platform - Citrix, Microsoft, Novell, Oracle and/or VMware. Multiple vulnerabilities has been found which a allow an attacker to conduct various XSS and CSRF attack, and other attacks due to the use of an old an not hardened version of the web server. *** VULNERABILITY DETAILS *** (a) Cross-site scripting (XSS) Due to an improper sanitization of user's input, multiple XSS attacks (reflective and stored) are possible. Reflective PoCs: http://server:9080/tvserver/server/user/setPermissions.jsp?userId=1"><script>alert(1)</script>&amp;resultResourceIds=111-222-1933email@address.tst http://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&amp;deptName=%22;alert(1);//&amp;deptId=1&amp;deptDesc=asd http://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;alert(1);// http://server:9080/tvserver/reports/virtualIQAdminReports.do?command=getFilter&amp;reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E Stored XSS attacks can be triggered in the "Middle Name" parameter in the "Edit Profile" page with an HTTP request like the following: POST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1 Host: server:9080 Cookies: JSESSIONID=[...] userName=IQMANAGER&firstName=IQ&middleName=asd'; alert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&password=********&retypePassword=********&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1 (b) Cross-site request forgery (CSRF) An attacker can perform different types of CSRF attacks against a logged user. He can, for example, shutdown, start or restart an arbitrary virtual machine, schedule new activities and so on. The following HTTP request, if forged by the attacker and executed by the victim while logged on VirtualIQ, creates an arbitrary user: POST /tvserver/user/user.do?command=save&userId= HTTP/1.1 Host: server:9080 Cookie: JSESSIONID=[...] userName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40asd.com&password=asd6&retypePassword=asd6&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1 (c) Web server vulnerabilities VirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which multiple public vulnerabilities have been released. As a PoC, a directory traversal attack (CVE-2008-2938) can be performed as: http://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml Listing of an arbitrary directory (CVE-2006-3835) can also be obtained with the following PoC: http://192.168.229.85:9080/tvserver/server/;index.jsp (d) Information Leakage Tomcat status page should be disabled or restricted, being accessible at: http://status:9080/status Username and password to access a VM through SSH are also available in clear text in the configuration page. Since an XSS vulnerability can also be triggered in the same page, an attacker would also be able to easily capture the full credentials to access the VM with a specially crafted XSS payload. *** FIX INFORMATION *** Upgrade to the latest version, at the moment 3.5 build 10.14.2009 *** WORKAROUNDS *** -- ********************* *** LEGAL NOTICES *** ********************* Secure Network (www.securenetwork.it) is an information security company, which provides consulting and training services, and engages in security research and development. We are committed to open, full disclosure of vulnerabilities, cooperating whenever possible with software developers for properly handling disclosure. This advisory is copyright 2009 Secure Network S.r.l. Permission is hereby granted for the redistribution of this alert, provided that it is not altered except by reformatting it, and that due credit is given. It may not be edited in any way without the express consent of Secure Network S.r.l. Permission is explicitly given for insertion in vulnerability databases and similars, provided that due credit is given to Secure Network. This information is provided as-is, as a free service to the community by Secure Network research staff. There are no warranties with regard to this information. Secure Network does not accept any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. If you have any comments or inquiries, or any issue with what is reported in this advisory, please inform us as soon as possible. E-mail: securenetwork@securenetwork.it GPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc Phone: +39 02 24 12 67 88 -- Claudio Criscione Secure Network S.r.l. Via Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia Tel: +39 02.24126788 Mob: +39 392 3389178 email: c.criscione@securenetwork.it web: www.securenetwork.it

Trust: 4.05

sources: NVD: CVE-2008-2938 // CERT/CC: VU#343355 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-001611 // BID: 30633 // VULMON: CVE-2008-2938 // PACKETSTORM: 74633 // PACKETSTORM: 73193 // PACKETSTORM: 70055 // PACKETSTORM: 69700 // PACKETSTORM: 38388 // PACKETSTORM: 69819 // PACKETSTORM: 82649

AFFECTED PRODUCTS

vendor:apachemodel:tomcatscope:lteversion:4.1.37

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:4.0.0

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:5.0.0

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:6.0.16

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:6.0.0

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:5.5.26

Trust: 1.0

vendor:sunmodel:jre 06scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 03scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 02scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 01scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 09scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 08scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 03scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 02scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 01scope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.4.2

Trust: 0.9

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 13scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 12scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 10scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 17scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 16scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 13scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 12scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 11scope: - version: -

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.15

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.14

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.13

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.12

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.11

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.10

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.3

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.2

Trust: 0.9

vendor:apachemodel:tomcatscope:eqversion:6.0.1

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope:neversion: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 17scope:neversion: -

Trust: 0.9

vendor:sunmodel:jre 1.4.2 19scope:neversion: -

Trust: 0.9

vendor:apache tomcatmodel: - scope: - version: -

Trust: 0.8

vendor:drupalmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:pear xml rpcmodel: - scope: - version: -

Trust: 0.8

vendor:phpxmlrpcmodel: - scope: - version: -

Trust: 0.8

vendor:postnukemodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:serendipitymodel: - scope: - version: -

Trust: 0.8

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:wordpressmodel: - scope: - version: -

Trust: 0.8

vendor:xoopsmodel: - scope: - version: -

Trust: 0.8

vendor:phpmyfaqmodel: - scope: - version: -

Trust: 0.8

vendor:apachemodel:tomcatscope:eqversion:4.1.0 to 4.1.37

Trust: 0.8

vendor:apachemodel:tomcatscope:eqversion:5.5.0 to 5.5.26

Trust: 0.8

vendor:apachemodel:tomcatscope:eqversion:6.0.0 to 6.0.16

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.5

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86)

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86-64)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.31

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:5 (server)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:5.0 (client)

Trust: 0.8

vendor:red hatmodel:rhel desktop workstationscope:eqversion:5 (client)

Trust: 0.8

vendor:necmodel:webotx application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application framework suitescope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage apworksscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage business application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage job workload serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage studioscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage web serverscope: - version: -

Trust: 0.8

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 09scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 08scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 07scope: - version: -

Trust: 0.6

vendor:apachemodel:tomcatscope:eqversion:6.0.0

Trust: 0.6

vendor:wikidmodel:systems wikid serverscope:eqversion:3.0.4

Trust: 0.3

vendor:susemodel:linux enterprise server sp2scope:eqversion:10

Trust: 0.3

vendor:sunmodel:solarisscope:eqversion:10

Trust: 0.3

vendor:sunmodel:jre 07scope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jre betascope:eqversion:1.5.0

Trust: 0.3

vendor:sunmodel:jre 10-b03scope:eqversion:1.4.2

Trust: 0.3

vendor:sunmodel:jre 1.5.0 09scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.5.0 08scope: - version: -

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:10.3

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:10.2

Trust: 0.3

vendor:redhatmodel:red hat network satellite serverscope:eqversion:5.0.1

Trust: 0.3

vendor:redhatmodel:red hat network satellite serverscope:eqversion:5.0

Trust: 0.3

vendor:redhatmodel:red hat network satellite (for rhelscope:eqversion:4)5.1

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platform el5scope:eqversion:4.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platform el4scope:eqversion:4.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platform .cp03scope:eqversion:4.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:4.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:developer suite as4scope:eqversion:3

Trust: 0.3

vendor:redhatmodel:application server ws4scope:eqversion:2

Trust: 0.3

vendor:redhatmodel:application server es4scope:eqversion:2

Trust: 0.3

vendor:redhatmodel:application server as4scope:eqversion:2

Trust: 0.3

vendor:oraclemodel:oracle10g application serverscope:eqversion:10.1.3.1.0

Trust: 0.3

vendor:openjdkmodel:javascope:eqversion:1.6

Trust: 0.3

vendor:novellmodel:zenworks linux managementscope:eqversion:7.3

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2008.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2008.1

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2008.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2008.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.23scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:fujitsumodel:interstage studio standard-j editionscope:eqversion:9.1

Trust: 0.3

vendor:fujitsumodel:interstage studio standard-j editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage studio standard-j editionscope:eqversion:8.0.1

Trust: 0.3

vendor:fujitsumodel:interstage studio standard-j edition bscope:eqversion:9.1.0

Trust: 0.3

vendor:fujitsumodel:interstage studio enterprise editionscope:eqversion:9.1

Trust: 0.3

vendor:fujitsumodel:interstage studio enterprise editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage studio enterprise editionscope:eqversion:8.0.1

Trust: 0.3

vendor:fujitsumodel:interstage studio enterprise edition bscope:eqversion:9.1.0

Trust: 0.3

vendor:fujitsumodel:interstage job workload serverscope:eqversion:8.1

Trust: 0.3

vendor:fujitsumodel:interstage business application server enterprisescope:eqversion:8.0.0

Trust: 0.3

vendor:fujitsumodel:interstage apworks modelers-j editionscope:eqversion:7.0

Trust: 0.3

vendor:fujitsumodel:interstage apworks modelers-j edition 6.0ascope: - version: -

Trust: 0.3

vendor:fujitsumodel:interstage apworks modelers-j editionscope:eqversion:6.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j editionscope:eqversion:9.1

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j edition ascope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j editionscope:eqversion:8.0.2

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j editionscope:eqversion:8.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j edition 9.1.0bscope: - version: -

Trust: 0.3

vendor:fujitsumodel:interstage application server plus developerscope:eqversion:7.0

Trust: 0.3

vendor:fujitsumodel:interstage application server plus developerscope:eqversion:6.0

Trust: 0.3

vendor:fujitsumodel:interstage application server plusscope:eqversion:7.0.1

Trust: 0.3

vendor:fujitsumodel:interstage application server plusscope:eqversion:7.0

Trust: 0.3

vendor:fujitsumodel:interstage application server plusscope:eqversion:6.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:9.1

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise edition ascope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:8.0.2

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:8.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:7.0.1

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise edition 9.1.0bscope: - version: -

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:7.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:meeting exchange enterprise editionscope:eqversion: -

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0.0.52

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:4.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:4.0.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.1.6

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.1.5

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.1.4

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.1.3

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:4.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.16

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.9

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.8

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.7

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.6

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.5

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0.4

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:6.0

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.26

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.25

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.24

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.23

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.22

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.21

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.20

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.19

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.18

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.17

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.16

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.15

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.14

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.13

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.12

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.11

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.10

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.9

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.8

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.7

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.6

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.5

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.4

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.3

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.2

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5.1

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:5.5

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.37

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.36

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.34

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.32

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.31

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.30

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.29

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.28

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.24

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.12

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.10

Trust: 0.3

vendor:apachemodel:tomcat betascope:eqversion:4.1.9

Trust: 0.3

vendor:apachemodel:tomcat betascope:eqversion:4.1.3

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1.3

Trust: 0.3

vendor:apachemodel:tomcatscope:eqversion:4.1

Trust: 0.3

vendor:apachemodel:harmony m8scope:eqversion:5.0

Trust: 0.3

vendor:apachemodel:harmony m7scope:eqversion:5.0

Trust: 0.3

vendor:wikidmodel:systems wikid serverscope:neversion:3.0.5

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platform .cp04scope:neversion:4.2

Trust: 0.3

vendor:apachemodel:tomcatscope:neversion:6.0.18

Trust: 0.3

vendor:apachemodel:tomcatscope:neversion:5.5.27

Trust: 0.3

vendor:apachemodel:tomcatscope:neversion:4.1.39

Trust: 0.3

sources: CERT/CC: VU#343355 // CERT/CC: VU#442845 // BID: 30633 // JVNDB: JVNDB-2008-001611 // CNNVD: CNNVD-200808-165 // NVD: CVE-2008-2938

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2938
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#343355
value: 7.14

Trust: 0.8

CARNEGIE MELLON: VU#442845
value: 20.75

Trust: 0.8

NVD: CVE-2008-2938
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200808-165
value: MEDIUM

Trust: 0.6

VULMON: CVE-2008-2938
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-2938
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: CERT/CC: VU#343355 // CERT/CC: VU#442845 // VULMON: CVE-2008-2938 // JVNDB: JVNDB-2008-001611 // CNNVD: CNNVD-200808-165 // NVD: CVE-2008-2938

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2008-001611 // NVD: CVE-2008-2938

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200808-165

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-200808-165

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001611

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2008-2938

PATCH

title:Fixed in Apache Tomcat 5.5.SVNurl:http://tomcat.apache.org/security-5.html

Trust: 0.8

title:Fixed in Apache Tomcat 6.0.18url:http://tomcat.apache.org/security-6.html

Trust: 0.8

title:Fixed in Apache Tomcat 4.1.SVNurl:http://tomcat.apache.org/security-4.html

Trust: 0.8

title:HT3216url:http://support.apple.com/kb/HT3216

Trust: 0.8

title:HT3216url:http://support.apple.com/kb/HT3216?viewlocale=ja_JP

Trust: 0.8

title:tomcat5-5.5.23-0jpp.7.1.1AXS3url:https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=156

Trust: 0.8

title:HPSBUX02401url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01650939

Trust: 0.8

title:NV09-013url:http://www.nec.co.jp/security-info/secinfo/nv09-013.html

Trust: 0.8

title:RHSA-2008:0648url:https://rhn.redhat.com/errata/RHSA-2008-0648.html

Trust: 0.8

title:Multiple vulnerabilities in Oracle Java Web Consoleurl:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1

Trust: 0.8

title:interstage_as_201003url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201003.html

Trust: 0.8

title:Red Hat: Important: jbossweb security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20080877 - Security Advisory

Trust: 0.1

title:Red Hat: Important: tomcat security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20080864 - Security Advisory

Trust: 0.1

title:Red Hat: Low: tomcat security update for Red Hat Network Satellite Serverurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20081007 - Security Advisory

Trust: 0.1

title:Red Hat: Important: tomcat security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20080862 - Security Advisory

Trust: 0.1

title:Offensiveurl:https://github.com/Naramsim/Offensive

Trust: 0.1

title: - url:https://github.com/CVEDB/PoC-List

Trust: 0.1

sources: VULMON: CVE-2008-2938 // JVNDB: JVNDB-2008-001611

EXTERNAL IDS

db:NVDid:CVE-2008-2938

Trust: 3.4

db:CERT/CCid:VU#343355

Trust: 2.8

db:BIDid:30633

Trust: 2.8

db:SECTRACKid:1020665

Trust: 2.5

db:BIDid:31681

Trust: 1.7

db:SECUNIAid:31639

Trust: 1.7

db:SECUNIAid:31891

Trust: 1.7

db:SECUNIAid:31982

Trust: 1.7

db:SECUNIAid:33797

Trust: 1.7

db:SECUNIAid:32222

Trust: 1.7

db:SECUNIAid:32120

Trust: 1.7

db:SECUNIAid:31865

Trust: 1.7

db:SECUNIAid:32266

Trust: 1.7

db:SECUNIAid:37297

Trust: 1.7

db:VUPENid:ADV-2008-2343

Trust: 1.7

db:VUPENid:ADV-2008-2823

Trust: 1.7

db:VUPENid:ADV-2008-2780

Trust: 1.7

db:VUPENid:ADV-2009-0320

Trust: 1.7

db:SREASONid:4148

Trust: 1.7

db:EXPLOIT-DBid:6229

Trust: 1.7

db:SECUNIAid:15895

Trust: 0.9

db:SECUNIAid:15810

Trust: 0.8

db:SECUNIAid:15922

Trust: 0.8

db:SECUNIAid:15852

Trust: 0.8

db:SECUNIAid:15855

Trust: 0.8

db:SECUNIAid:15861

Trust: 0.8

db:SECUNIAid:15862

Trust: 0.8

db:SECUNIAid:15872

Trust: 0.8

db:SECUNIAid:15883

Trust: 0.8

db:SECUNIAid:15884

Trust: 0.8

db:BIDid:14088

Trust: 0.8

db:SECTRACKid:1014327

Trust: 0.8

db:CERT/CCid:VU#442845

Trust: 0.8

db:XFid:44411

Trust: 0.8

db:JVNDBid:JVNDB-2008-001611

Trust: 0.8

db:CNNVDid:CNNVD-200808-165

Trust: 0.6

db:VULMONid:CVE-2008-2938

Trust: 0.1

db:PACKETSTORMid:74633

Trust: 0.1

db:PACKETSTORMid:73193

Trust: 0.1

db:PACKETSTORMid:70055

Trust: 0.1

db:PACKETSTORMid:69700

Trust: 0.1

db:PACKETSTORMid:38388

Trust: 0.1

db:PACKETSTORMid:69819

Trust: 0.1

db:PACKETSTORMid:82649

Trust: 0.1

sources: CERT/CC: VU#343355 // CERT/CC: VU#442845 // VULMON: CVE-2008-2938 // BID: 30633 // JVNDB: JVNDB-2008-001611 // PACKETSTORM: 74633 // PACKETSTORM: 73193 // PACKETSTORM: 70055 // PACKETSTORM: 69700 // PACKETSTORM: 38388 // PACKETSTORM: 69819 // PACKETSTORM: 82649 // CNNVD: CNNVD-200808-165 // NVD: CVE-2008-2938

REFERENCES

url:http://www.securityfocus.com/bid/30633

Trust: 3.1

url:http://www.securityfocus.com/bid/31681

Trust: 2.3

url:http://www.kb.cert.org/vuls/id/343355

Trust: 2.1

url:http://tomcat.apache.org/security-6.html

Trust: 2.0

url:http://support.avaya.com/elmodocs2/security/asa-2008-401.htm

Trust: 2.0

url:http://www.redhat.com/support/errata/rhsa-2008-0648.html

Trust: 1.7

url:http://secunia.com/advisories/31639

Trust: 1.7

url:http://www.securitytracker.com/id?1020665

Trust: 1.7

url:http://tomcat.apache.org/security-4.html

Trust: 1.7

url:http://tomcat.apache.org/security-5.html

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdvsa-2008:188

Trust: 1.7

url:https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00859.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

Trust: 1.7

url:http://secunia.com/advisories/31891

Trust: 1.7

url:https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00889.html

Trust: 1.7

url:http://secunia.com/advisories/31865

Trust: 1.7

url:https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00712.html

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2008-0862.html

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2008-0864.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html

Trust: 1.7

url:http://support.apple.com/kb/ht3216

Trust: 1.7

url:http://secunia.com/advisories/32222

Trust: 1.7

url:http://securityreason.com/securityalert/4148

Trust: 1.7

url:http://secunia.com/advisories/31982

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=123376588623823&w=2

Trust: 1.7

url:http://secunia.com/advisories/33797

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

Trust: 1.7

url:http://secunia.com/advisories/32120

Trust: 1.7

url:http://secunia.com/advisories/32266

Trust: 1.7

url:http://www.securenetwork.it/ricerca/advisory/download/sn-2009-02.txt

Trust: 1.7

url:http://secunia.com/advisories/37297

Trust: 1.7

url:http://www.vupen.com/english/advisories/2009/0320

Trust: 1.7

url:http://www.vupen.com/english/advisories/2008/2823

Trust: 1.7

url:http://www.vupen.com/english/advisories/2008/2343

Trust: 1.7

url:http://www.vupen.com/english/advisories/2008/2780

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/44411

Trust: 1.7

url:https://www.exploit-db.com/exploits/6229

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10587

Trust: 1.7

url:http://www.securityfocus.com/archive/1/507729/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/495318/100/0/threaded

Trust: 1.7

url:https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e

Trust: 1.7

url:https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e

Trust: 1.7

url:https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2938

Trust: 1.0

url:http://secunia.com/advisories/15895/

Trust: 0.9

url:http://secunia.com/advisories/15852/

Trust: 0.9

url:about vulnerability notes

Trust: 0.8

url:contact us about this vulnerability

Trust: 0.8

url:provide a vendor statement

Trust: 0.8

url:http://www.hardened-php.net/advisory-022005.php

Trust: 0.8

url:http://secunia.com/advisories/15861/

Trust: 0.8

url:http://secunia.com/advisories/15862/

Trust: 0.8

url:http://secunia.com/advisories/15884/

Trust: 0.8

url:http://secunia.com/advisories/15883/

Trust: 0.8

url:http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699

Trust: 0.8

url:http://secunia.com/advisories/15855/

Trust: 0.8

url:http://secunia.com/advisories/15810/

Trust: 0.8

url:http://secunia.com/advisories/15872/

Trust: 0.8

url:http://secunia.com/advisories/15922/

Trust: 0.8

url:http://securitytracker.com/alerts/2005/jun/1014327.html

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00088-07022005

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00087-07012005

Trust: 0.8

url:http://www.securityfocus.com/bid/14088

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2008/2343

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/44411

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2938

Trust: 0.8

url:http://securitytracker.com/id?1020665

Trust: 0.8

url:/archive/1/496168

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2008-2938

Trust: 0.6

url:https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3cdev.tomcat.apache.org%3e

Trust: 0.6

url:http://tomcat.apache.org/

Trust: 0.3

url:http://java.sun.com/javase/6/webnotes/6u11.html

Trust: 0.3

url:http://harmony.apache.org/

Trust: 0.3

url:http://www.redhat.com/docs/en-us/jboss_enterprise_application_platform/4.2.0.cp04/html-single/readme/index.html

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1

Trust: 0.3

url:http://openjdk.java.net/

Trust: 0.3

url:msg://bugtraq/8ba534860901192056k63dc5e78j5555f5f09997eabf@mail.gmail.com

Trust: 0.3

url:https://sourceforge.net/project/shownotes.php?release_id=626903&group_id=144774

Trust: 0.3

url:http://download.novell.com/download?buildid=n5vszfht1vs

Trust: 0.3

url:/archive/1/495318

Trust: 0.3

url:/archive/1/499926

Trust: 0.3

url:msg://bugtraq/494a7e59.80909@apache.org

Trust: 0.3

url:http://www.fujitsu.com/global/support/software/security/products-f/interstage-201003e.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2008-0648.html

Trust: 0.3

url:http://www.novell.com/support/viewcontent.do?externalid=7006398

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2008-2370

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2008-1947

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2008-1232

Trust: 0.3

url:http://enigmail.mozdev.org

Trust: 0.3

url:http://tomcat.apache.org/security.html

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1947

Trust: 0.2

url:http://secunia.com/

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1232

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2007-5342

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5342

Trust: 0.2

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2370

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2008:0877

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=16434

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/naramsim/offensive

Trust: 0.1

url:https://www.exploit-db.com/exploits/6229/

Trust: 0.1

url:http://software.hp.com

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-2364

Trust: 0.1

url:http://www.itrc.hp.com/service/cki/secbullarchive.do

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-6420

Trust: 0.1

url:http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc

Trust: 0.1

url:https://www.hp.com/go/swa

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-2939

Trust: 0.1

url:http://h30046.www3.hp.com/subsignin.php

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-3658

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5333

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-6286

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-5333

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-5461

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6286

Trust: 0.1

url:http://www.wikidsystems.com

Trust: 0.1

url:https://sourceforge.net/project/showfiles.php?group_id=144774

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5461

Trust: 0.1

url:http://www.wikidsystems.com/downloads/

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/3699/

Trust: 0.1

url:http://sourceforge.net/project/showfiles.php?group_id=66479

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://svn.apache.org/viewvc?view=rev&revision=681065

Trust: 0.1

url:http://www.target.com/contextpath/%c0%ae%c0%ae/web-inf/web.xml

Trust: 0.1

url:http://server:9080/tvserver/server/inventory/inventorytabs.jsp?id=1;alert(1);//

Trust: 0.1

url:http://server:9080/tvserver/reports/virtualiqadminreports.do?command=getfilter&amp;reportname=%22%3e%3cscript%3ealert(1)%3c/script%3e

Trust: 0.1

url:http://server:9080/tvserver/server/%c0%ae%c0%ae/web-inf/web.xml

Trust: 0.1

url:http://status:9080/status

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2006-3835

Trust: 0.1

url:http://www.securenetwork.it/pgpkeys/secure%20network.asc

Trust: 0.1

url:http://www.toutvirtual.com

Trust: 0.1

url:http://server:9080/tvserver/server/user/setpermissions.jsp?userid=1"><script>alert(1)</script>&amp;resultresourceids=111-222-1933email@address.tst

Trust: 0.1

url:http://192.168.229.85:9080/tvserver/server/;index.jsp

Trust: 0.1

url:http://server:9080/web-console/

Trust: 0.1

url:https://www.securenetwork.it)

Trust: 0.1

url:http://server:9080/tvserver/server/user/adddepartment.jsp?addnewdept=0&amp;deptname=%22;alert(1);//&amp;deptid=1&amp;deptdesc=asd

Trust: 0.1

url:http://server:9080/jmx-console/

Trust: 0.1

url:http://www.securenetwork.it/advisories/sn-2009-02.txt

Trust: 0.1

sources: CERT/CC: VU#343355 // CERT/CC: VU#442845 // VULMON: CVE-2008-2938 // BID: 30633 // JVNDB: JVNDB-2008-001611 // PACKETSTORM: 74633 // PACKETSTORM: 73193 // PACKETSTORM: 70055 // PACKETSTORM: 69700 // PACKETSTORM: 38388 // PACKETSTORM: 69819 // PACKETSTORM: 82649 // CNNVD: CNNVD-200808-165 // NVD: CVE-2008-2938

CREDITS

Simon Ryeo※ bar4mi@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200808-165

SOURCES

db:CERT/CCid:VU#343355
db:CERT/CCid:VU#442845
db:VULMONid:CVE-2008-2938
db:BIDid:30633
db:JVNDBid:JVNDB-2008-001611
db:PACKETSTORMid:74633
db:PACKETSTORMid:73193
db:PACKETSTORMid:70055
db:PACKETSTORMid:69700
db:PACKETSTORMid:38388
db:PACKETSTORMid:69819
db:PACKETSTORMid:82649
db:CNNVDid:CNNVD-200808-165
db:NVDid:CVE-2008-2938

LAST UPDATE DATE

2024-11-07T21:38:52.975000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#343355date:2008-08-19T00:00:00
db:CERT/CCid:VU#442845date:2007-03-09T00:00:00
db:VULMONid:CVE-2008-2938date:2023-02-13T00:00:00
db:BIDid:30633date:2015-04-13T22:13:00
db:JVNDBid:JVNDB-2008-001611date:2012-09-28T00:00:00
db:CNNVDid:CNNVD-200808-165date:2023-05-06T00:00:00
db:NVDid:CVE-2008-2938date:2023-11-07T02:02:20.957

SOURCES RELEASE DATE

db:CERT/CCid:VU#343355date:2008-08-19T00:00:00
db:CERT/CCid:VU#442845date:2005-07-06T00:00:00
db:VULMONid:CVE-2008-2938date:2008-08-13T00:00:00
db:BIDid:30633date:2008-08-11T00:00:00
db:JVNDBid:JVNDB-2008-001611date:2008-09-04T00:00:00
db:PACKETSTORMid:74633date:2009-02-04T18:45:10
db:PACKETSTORMid:73193date:2008-12-22T04:48:14
db:PACKETSTORMid:70055date:2008-09-17T15:13:40
db:PACKETSTORMid:69700date:2008-09-06T00:23:13
db:PACKETSTORMid:38388date:2005-07-01T23:31:00
db:PACKETSTORMid:69819date:2008-09-10T16:29:31
db:PACKETSTORMid:82649date:2009-11-17T00:59:14
db:CNNVDid:CNNVD-200808-165date:2007-05-16T00:00:00
db:NVDid:CVE-2008-2938date:2008-08-13T00:41:00