Vulnerability Name:

CVE-2006-3835 (CCN-27902)

Assigned: 2006-07-21
Published: 2006-07-21
Updated: 2019-03-25
Summary: Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-Other
Vulnerability Consequences: Obtain Information
References:
Source: CCN
Type: Full-Disclosure Mailing List, Fri Jul 21 2006 - 14:54:42 CDT
Directory Listing in Apache Tomcat 5.x.x

Source: FULLDISC
Type: Exploit, Patch
20060721 Directory Listing in Apache Tomcat 5.x.x

Source: CONFIRM
Type: UNKNOWN
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Source: CCN
Type: CA Security Response Blog, Jan 23 2009, 06:04 PM
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: MITRE
Type: CNA
CVE-2006-3835

Source: CCN
Type: Apache Web site
Welcome! - The Apache HTTP Server Project

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:004

Source: CCN
Type: RHSA-2007-0326
Important: tomcat security update

Source: CCN
Type: RHSA-2007-0340
Important: tomcat security update

Source: CCN
Type: RHSA-2007-1069
Moderate: tomcat security update for Red Hat Network Satellite Server

Source: CCN
Type: RHSA-2008-0261
Moderate: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0524
Low: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2010-0602
Moderate: Red Hat Certificate System 7.3 security update

Source: CCN
Type: SA25212
Nokia Intellisync Mobile Suite Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
25212

Source: CCN
Type: SA30899
Sun Solaris 9 Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
30899

Source: CCN
Type: SA30908
Sun Solaris 10 Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
30908

Source: CCN
Type: SA33668
CA Cohesion Application Configuration Manager Apache Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
33668

Source: CCN
Type: SA37297
ToutVirtual VirtualIQ Pro Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
37297

Source: CCN
Type: SECTRACK ID: 1016576
Apache Tomcat Discloses Directory Listings to Remote Users

Source: SECTRACK
Type: UNKNOWN
1016576

Source: SUNALERT
Type: UNKNOWN
239312

Source: CCN
Type: Sun Alert ID: 239312
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm

Source: CCN
Type: ASA-2007-206
tomcat security update (RHSA-2007-0326)

Source: CCN
Type: ASA-2008-293
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10 (Sun 239312)

Source: CONFIRM
Type: UNKNOWN
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Source: CONFIRM
Type: UNKNOWN
http://tomcat.apache.org/security-4.html

Source: CONFIRM
Type: UNKNOWN
http://tomcat.apache.org/security-5.html

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0261

Source: MISC
Type: UNKNOWN
http://www.sec-consult.com/289.html

Source: MISC
Type: UNKNOWN
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt

Source: BUGTRAQ
Type: UNKNOWN
20070509 SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express

Source: BUGTRAQ
Type: UNKNOWN
20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

Source: BUGTRAQ
Type: UNKNOWN
20091107 ToutVirtual VirtualIQ Multiple Vulnerabilities

Source: BID
Type: Exploit
19106

Source: CCN
Type: BID-19106
Apache Tomcat Information Disclosure Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-1727

Source: VUPEN
Type: UNKNOWN
ADV-2008-1979

Source: VUPEN
Type: UNKNOWN
ADV-2009-0233

Source: XF
Type: UNKNOWN
apache-tomcat-url-information-disclosure(27902)

Source: XF
Type: UNKNOWN
nokia-tomcat-source-code-disclosure(34183)

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: CA20090123-01
Security Notice for Cohesion Tomcat

Source: SUSE
Type: SUSE-SR:2009:004
SUSE Security Summary Report

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

  • * Denotes that component is vulnerable

Oval Definitions
Definition ID: oval:org.opensuse.security:def:20063835
Class: V
Title: CVE-2006-3835
Last Modified: 2017-09-27