Trend Micro Security

Apache Tomcat (webdav) Remote File Disclosure Exploit

  危険度: :
  CVE識別番号: CVE-2007-5461,CVE-2007-5731

  概要

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1001138
  Trend Micro Deep Security DPI Rule Name: 1001138 - Apache Tomcat Remote File Disclosure Vulnerability

  影響を受けるソフトウェア

  • Apache Software Foundation Tomcat