exploits , vulnerabilities , articles , Apache Tomcat WebDav Remote Information Disclosure Vulnerability

Title	Apache Tomcat WebDav Remote Information Disclosure Vulnerability
Published	2007-10-14-12:00AM
Updated	2008-03-11-03:31PM
Class	Design Error
CVE	CVE-2007-5461 E-2007-5731
Remote	Yes
Local	No
Credit	eliteb0y discovered this issue.
Vulnerable	S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Standard Server 8.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE LINUX Retail Solution 8.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. SuSE Linux OpenXchange 4.1 S.u.S.E. SUSE Linux Enterprise Server 9 SP3 S.u.S.E. SUSE Linux Enterprise Server 10 SP1 S.u.S.E. SUSE Linux Enterprise Server 10 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1 S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO S.u.S.E. SLE SDK 10.SP1 S.u.S.E. SLE SDK 10 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. openSUSE 10.1 S.u.S.E. OpenEnterpriseServer 9.0 S.u.S.E. OpenEnterpriseServer 1 S.u.S.E. OpenEnterpriseServer 0 S.u.S.E. Office Server S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop SDK 9.0 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Novell Linux Desktop 1.0 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 10.2 x86_64 S.u.S.E. Linux Professional 10.2 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 10.2 x86_64 S.u.S.E. Linux Personal 10.2 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux Openexchange Server S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Enterprise Server 10.SP1 S.u.S.E. Linux Enterprise Server 10 S.u.S.E. Linux Enterprise SDK 10 SP1 S.u.S.E. Linux Enterprise SDK 10 S.u.S.E. Linux Desktop 1.0 S.u.S.E. Linux Desktop 10 S.u.S.E. Linux 10.1 x8664 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x8664 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc RedHat Fedora 7 0 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 IBM WebSphere Application Server Community Edition 2.0 1 IBM WebSphere Application Server Community Edition 2.0 IBM WebSphere Application Server Community Edition 1.1 2 IBM WebSphere Application Server Community Edition 1.1 1 IBM WebSphere Application Server Community Edition 1.0.1 2 IBM WebSphere Application Server Community Edition 1.0.1 1 IBM WebSphere Application Server Community Edition 1.0.1 IBM WebSphere Application Server Community Edition 1.0 1 IBM WebSphere Application Server Community Edition 1.1 IBM WebSphere Application Server Community Edition 1.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Apache Software Foundation Tomcat 6.0.14 Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat 6.0.10 Apache Software Foundation Tomcat 6.0.9 Apache Software Foundation Tomcat 6.0.8 Apache Software Foundation Tomcat 6.0.7 Apache Software Foundation Tomcat 6.0.6 Apache Software Foundation Tomcat 6.0.5 Apache Software Foundation Tomcat 6.0.4 Apache Software Foundation Tomcat 6.0.3 Apache Software Foundation Tomcat 6.0.2 Apache Software Foundation Tomcat 6.0.1 Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.5.24 Apache Software Foundation Tomcat 5.5.23 Apache Software Foundation Tomcat 5.5.22 Apache Software Foundation Tomcat 5.5.21 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.19 Apache Software Foundation Tomcat 5.5.18 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.16 Apache Software Foundation Tomcat 5.5.15 Apache Software Foundation Tomcat 5.5.14 Apache Software Foundation Tomcat 5.5.13 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.9 Apache Software Foundation Tomcat 5.5.9 Apache Software Foundation Tomcat 5.5.8 Apache Software Foundation Tomcat 5.5.8 Apache Software Foundation Tomcat 5.5.7 Apache Software Foundation Tomcat 5.5.7 Apache Software Foundation Tomcat 5.5.6 Apache Software Foundation Tomcat 5.5.6 Apache Software Foundation Tomcat 5.5.5 Apache Software Foundation Tomcat 5.5.5 Apache Software Foundation Tomcat 5.5.4 Apache Software Foundation Tomcat 5.5.4 Apache Software Foundation Tomcat 5.5.3 Apache Software Foundation Tomcat 5.5.3 Apache Software Foundation Tomcat 5.5.2 Apache Software Foundation Tomcat 5.5.2 Apache Software Foundation Tomcat 5.5.1 Apache Software Foundation Tomcat 5.5.1 Apache Software Foundation Tomcat 5.5 Apache Software Foundation Tomcat 5.5 Apache Software Foundation Tomcat 5.4 Apache Software Foundation Tomcat 5.3 Apache Software Foundation Tomcat 5.2 Apache Software Foundation Tomcat 5.1 Apache Software Foundation Tomcat 5.0.31 Apache Software Foundation Tomcat 5.0.30 Apache Software Foundation Tomcat 5.0.30 Apache Software Foundation Tomcat 5.0.28 Apache Software Foundation Tomcat 5.0.19 Apache Software Foundation Tomcat 5.0.16 Apache Software Foundation Tomcat 5.0.15 Apache Software Foundation Tomcat 5.0.14 Apache Software Foundation Tomcat 5.0.13 Apache Software Foundation Tomcat 5.0.12 Apache Software Foundation Tomcat 5.0.11 Apache Software Foundation Tomcat 5.0.10 Apache Software Foundation Tomcat 5.0.9 Apache Software Foundation Tomcat 5.0.8 Apache Software Foundation Tomcat 5.0.7 Apache Software Foundation Tomcat 5.0.6 Apache Software Foundation Tomcat 5.0.5 Apache Software Foundation Tomcat 5.0.4 Apache Software Foundation Tomcat 5.0.3 Apache Software Foundation Tomcat 5.0.2 Apache Software Foundation Tomcat 5.0.1 Apache Software Foundation Tomcat 5.0 Apache Software Foundation Tomcat 4.1.37 Apache Software Foundation Tomcat 4.1.36 Apache Software Foundation Tomcat 4.1.36 Apache Software Foundation Tomcat 4.1.34 Apache Software Foundation Tomcat 4.1.34 Apache Software Foundation Tomcat 4.1.32 Apache Software Foundation Tomcat 4.1.31 Apache Software Foundation Tomcat 4.1.24 Apache Software Foundation Tomcat 4.1.12 Apache Software Foundation Tomcat 4.1.10 Apache Software Foundation Tomcat 4.1.9 beta Apache Software Foundation Tomcat 4.1.3 beta Apache Software Foundation Tomcat 4.1 BSDI BSD/OS 4.0 Caldera OpenLinux 2.4 Conectiva Linux 5.1 Debian Linux 2.3 Debian Linux 2.2 Debian Linux 2.1 Digital UNIX 4.0 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.5 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 x86 NetBSD NetBSD 1.4.1 x86 RedHat Linux 6.2 i386 RedHat Linux 6.1 i386 SGI IRIX 6.5 SGI IRIX 6.4 SGI IRIX 3.3 Sun Solaris 7.0 Sun Solaris 8 Apache Software Foundation Tomcat 4.1 Apache Software Foundation Tomcat 4.0.7 Apache Software Foundation Tomcat 4.0.6 Apache Software Foundation Tomcat 4.0.6 Apache Software Foundation Tomcat 4.0.5 RedHat Stronghold 4.0 Apache Software Foundation Tomcat 4.0.5 Apache Software Foundation Tomcat 4.0.4 Apache Software Foundation Tomcat 4.0.4 Apache Software Foundation Tomcat 4.0.3 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Apache Software Foundation Tomcat 4.0.3 Apache Software Foundation Tomcat 4.0.2 Apache Software Foundation Tomcat 4.0.2 Apache Software Foundation Tomcat 4.0.1 Apache Software Foundation Tomcat 4.0.1 Apache Software Foundation Tomcat 4.0 BSDI BSD/OS 4.0 Caldera OpenLinux 2.4 Conectiva Linux 5.1 Debian Linux 2.2 Debian Linux 2.1 Digital UNIX 4.0 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.0 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 x86 NetBSD NetBSD 1.4.1 x86 RedHat Linux 6.2 i386 RedHat Linux 6.1 i386 SGI IRIX 6.5 SGI IRIX 6.4 Sun Solaris 7.0 Sun Solaris 8 Apache Software Foundation Tomcat 4.0 Apache Software Foundation Tomcat 5.0 Apache Software Foundation Tomcat 4.0.0 RC2 Apache Software Foundation Jakarta Slide 2.1 Apache Software Foundation Geronimo 2.0.2 Apache Software Foundation Geronimo 2.0.1 Apache Software Foundation Geronimo 1.1 Apache Software Foundation Geronimo 1.0.1 Apache Software Foundation Geronimo 1.0
Not Vulnerable
Code	The following exploits are available: /data/vulnerabilities/exploits/tomcat_webdav_26070.pl /data/vulnerabilities/exploits/tomcat_webdav_ssl_only_26070.pl /data/vulnerabilities/exploits/jakarta_slide_26070.pl
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-10 GNU Coreutils Insecure Temporary File Creation Vulnerability
2009-12-10 WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
2009-12-10 Moodle Multiple Vulnerabilities
2009-12-10 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability