Page History

CVE-2008-2370

describes a vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16. When a RequestDispatcher is used, Tomcat performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2870ae07-6bb1-4a94-a856-74786744a48f"><ac:plain-text-body><![CDATA[

[[MITRE 2009

AA. Bibliography#MITRE 09]]

[CWE ID 116

http://cwe.mitre.org/data/definitions/116.html] "Improper Encoding or Escaping of Output" ]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9688febe76b55f6e-ae325d89-470e43b3-9a819c03-5884f19e969cea06cf73893e"><ac:plain-text-body><![CDATA[

[[OWASP 2005

AA. Bibliography#OWASP 05]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="75211e4032d72181-08e3960b-41ef4ba9-a8f08cd1-d9acc39cb14cf160cdae3ee4"><ac:plain-text-body><![CDATA[

[[OWASP 2007

AA. Bibliography#OWASP 07]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9687ee957d18736a-5f73e469-4eed41a7-bc72b120-b4247149da025081e0a15fa9"><ac:plain-text-body><![CDATA[

[[OWASP 2008

AA. Bibliography#OWASP 08]]

]]></ac:plain-text-body></ac:structured-macro>

Testing for XML Injection (OWASP-DV-008)

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b76ed72af446afc9-485db4e1-46324108-8f68931f-1ddc1fb3a6a6d09095a87222"><ac:plain-text-body><![CDATA[

[[W3C 2008

AA. Bibliography#W3C 08]]

4.4.3 Included If Validating

]]></ac:plain-text-body></ac:structured-macro>