Vulnerability Name:

CVE-2007-5731 (CCN-37243)

Assigned:2007-10-14
Published:2007-10-14
Updated:2017-09-29
Summary:Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
CVSS v3 Severity:2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)
2.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
3.5 Low (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)
2.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-22
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Full-Disclosure Mailing List, Sun Oct 14 2007 - 15:47:34 CDT
Apache Tomcat Rem0Te FiLe DiscloSure ZeroDay (W3bd4v)

Source: MITRE
Type: CNA
CVE-2007-5461

Source: MITRE
Type: CNA
CVE-2007-5731

Source: CCN
Type: Apache Geronimo Web site
Potential vulnerability in Apache Tomcat Webdav servlet

Source: CCN
Type: Jakarta Slide Web page
Jakarta Slide

Source: CCN
Type: Jakarta Slide Web site
The Jakarta Slide project

Source: OSVDB
Type: UNKNOWN
38673

Source: CCN
Type: RHSA-2008-0042
Moderate: tomcat security update

Source: CCN
Type: RHSA-2008-0151
Moderate: JBoss Enterprise Application Platform 4.2.0CP02 security update

Source: CCN
Type: RHSA-2008-0158
Moderate: JBoss Enterprise Application Platform security update

Source: CCN
Type: RHSA-2008-0195
Moderate: tomcat security update

Source: CCN
Type: RHSA-2008-0213
Moderate: JBoss Enterprise Application Platform 4.2.0CP02 security update

Source: CCN
Type: RHSA-2008-0261
Moderate: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0524
Low: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0630
Low: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0862
Important: tomcat security update

Source: CCN
Type: RHSA-2010-0602
Moderate: Red Hat Certificate System 7.3 security update

Source: CCN
Type: SA27398
Apache Tomcat WebDAV Arbitrary File Content Disclosure

Source: CCN
Type: SA27446
WebSphere Application Server Community Edition WebDAV Content Disclosure

Source: CCN
Type: SA27467
Apache Jakarta Slide WebDAV Arbitrary File Content Disclosure

Source: SECUNIA
Type: UNKNOWN
27467

Source: CCN
Type: SA27481
Apache Geronimo WebDAV Arbitrary File Content Disclosure

Source: CCN
Type: SA30676
VMware ESX Server update for Tomcat and Java JRE

Source: CCN
Type: SA30802
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: CCN
Type: SA30899
Sun Solaris 9 Tomcat Multiple Vulnerabilities

Source: CCN
Type: SA30908
Sun Solaris 10 Tomcat Multiple Vulnerabilities

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: CCN
Type: SA32266
Avaya AES / MX Apache Tomcat Multiple Vulnerabilities

Source: CCN
Type: SA37460
VMware Products Update for Multiple Packages

Source: CCN
Type: SECTRACK ID: 1018864
Tomcat WebDAV Servlet Lets Remote Users View Arbitrary Files

Source: CCN
Type: Sun Alert ID: 239312
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10

Source: CCN
Type: Apple Web site
About Security Update 2008-007

Source: CCN
Type: ASA-2008-190
tomcat security update (RHSA-2008-0195)

Source: CCN
Type: ASA-2008-293
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10 (Sun 239312)

Source: CCN
Type: ASA-2008-401
tomcat security update (RHSA-2008-0862)

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc/jakarta/slide/trunk/src/webdav/server/org/apache/slide/webdav/method/LockMethod.java?view=log&sortby=date&pathrev=590976

Source: CCN
Type: Apache Tomcat Web site
Apache Tomcat

Source: CCN
Type: Apache Tomcat SVN Repository
Apache Tomcat

Source: CCN
Type: IBM Security Bulletin 1286112
Tomcat Webdav servlet security vulnerability in WebSphere Application Server Community Edition

Source: DEBIAN
Type: DSA-1447
tomcat5.5 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1453
tomcat5 -- several vulnerabilities

Source: CCN
Type: GLSA-200804-10
Tomcat: Multiple vulnerabilities

Source: CCN
Type: OSVDB ID: 38673
Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access

Source: CCN
Type: BID-26070
Apache Tomcat WebDav Remote Information Disclosure Vulnerability

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: CCN
Type: VMSA-2008-0010
Updated Tomcat and Java JRE packages for VMware ESX 3.5

Source: VUPEN
Type: UNKNOWN
ADV-2007-3699

Source: XF
Type: UNKNOWN
apache-tomcat-webdav-dir-traversal(37243)

Source: EXPLOIT-DB
Type: UNKNOWN
4567

Source: SUSE
Type: SUSE-SR:2008:005
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:004
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:jakarta_slide:2.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:jakarta_slide:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.37:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_developer_suite:3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_stack:2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apache jakarta slide 2.1
    apache tomcat 4.0.1
    apache tomcat 4.0.3
    apache tomcat 4.0.4
    apache tomcat 4.1.10
    apache tomcat 4.1.0
    apache tomcat 5.5.4
    apache tomcat 5.0.19
    apache tomcat 4.1.24
    apache geronimo 1.0
    apache tomcat 5.0.28
    apache tomcat 5.5.12
    apache tomcat 5.5.9
    apache tomcat 5.5.7
    apache tomcat 4.1.34
    apache tomcat 5.5.20
    apache geronimo 2.0.2
    apache tomcat 5.5.17
    apache geronimo 2.0.1
    apache tomcat 5.0.0
    apache jakarta slide 2.1
    apache tomcat 4.0.0
    apache tomcat 4.0.2
    apache tomcat 4.0.5
    apache tomcat 4.0.6
    apache tomcat 4.1.12
    apache tomcat 4.1.31
    apache tomcat 4.1.36
    apache tomcat 5.0.1
    apache tomcat 5.0.10
    apache tomcat 5.0.11
    apache tomcat 5.0.12
    apache tomcat 5.0.13
    apache tomcat 5.0.14
    apache tomcat 5.0.15
    apache tomcat 5.0.16
    apache tomcat 5.0.2
    apache tomcat 5.0.3
    apache tomcat 5.0.30
    apache tomcat 5.0.4
    apache tomcat 5.0.5
    apache tomcat 5.0.6
    apache tomcat 5.0.7
    apache tomcat 5.0.8
    apache tomcat 5.0.9
    apache tomcat 5.5.0
    apache tomcat 5.5.1
    apache tomcat 5.5.10
    apache tomcat 5.5.11
    apache tomcat 5.5.13
    apache tomcat 5.5.14
    apache tomcat 5.5.15
    apache tomcat 5.5.16
    apache tomcat 5.5.18
    apache tomcat 5.5.19
    apache tomcat 5.5.2
    apache tomcat 5.5.21
    apache tomcat 5.5.22
    apache tomcat 5.5.23
    apache tomcat 5.5.24
    apache tomcat 5.5.25
    apache tomcat 5.5.3
    apache tomcat 5.5.5
    apache tomcat 5.5.6
    apache tomcat 5.5.8
    apache tomcat 6.0
    apache tomcat 6.0.0
    apache tomcat 6.0.1
    apache tomcat 6.0.10
    apache tomcat 6.0.11
    apache tomcat 6.0.12
    apache tomcat 6.0.13
    apache tomcat 6.0.14
    apache tomcat 6.0.2
    apache tomcat 6.0.3
    apache tomcat 6.0.4
    apache tomcat 6.0.5
    apache tomcat 6.0.6
    apache tomcat 6.0.7
    apache tomcat 6.0.8
    apache tomcat 6.0.9
    redhat certificate system 7.3
    apache tomcat 4.1.32
    apache tomcat 4.1.37
    gentoo linux *
    sun solaris 9
    sun solaris 10
    sun solaris 10
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    redhat enterprise linux 5
    redhat rhel developer suite 3
    redhat rhel application server 2
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2007.1
    redhat rhel application stack 2
    apple mac os x server 10.5
    apple mac os x server 10.5.1
    apple mac os x server 10.5.2
    mandrakesoft mandrake linux 2008.1
    vmware esx server 3.5
    apple mac os x server 10.5.3
    sun solaris 9
    apple mac os x server 10.5.4
    apple mac os x server 10.5.5