CVE-2007-0450 (CNNVD-200703-400)

MEDIUM 有利用代码
中文标题:
Apache HTTP Server Tomcat远程目录访问漏洞
英文标题:
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before ...
CVSS分数: 5.0
发布时间: 2007-03-16 22:00:00
漏洞类型: 路径遍历
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v4
漏洞描述
中文描述:

Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 如果将Apache HTTP服务器和Tomcat配置为与常见的代理模块(mod_proxy、mod_rewrite、mod_jk)交互操作的话,攻击者就可以非授权访问预期目标路径以外的目录,直至Tomcat中的Web根目录。Apache中可接受的唯一目录分隔字符是斜线(/),但Tomcat允许URI编码的字符,如/、或%5C等,这允许攻击者通过特制的HTTP请求执行访问受保护的文件。

英文描述:

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.

CWE类型:
CWE-22
标签:
remote linux D. Matscheko OSVDB-34769
受影响产品
厂商 产品 版本 版本范围 平台 CPE
apache http_server - - - cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
apache tomcat * - - cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
无标题 x_refsource_CONFIRM
cve.org
访问
30908 third-party-advisory
cve.org
访问
[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 mailing-list
cve.org
访问
ADV-2007-2732 vdb-entry
cve.org
访问
239312 vendor-advisory
cve.org
访问
ADV-2007-3087 vdb-entry
cve.org
访问
tomcat-proxy-directory-traversal(32988) vdb-entry
cve.org
访问
30899 third-party-advisory
cve.org
访问
ADV-2008-1979 vdb-entry
cve.org
访问
SUSE-SR:2007:005 vendor-advisory
cve.org
访问
APPLE-SA-2007-07-31 vendor-advisory
cve.org
访问
ADV-2008-0065 vdb-entry
cve.org
访问
20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) mailing-list
cve.org
访问
33668 third-party-advisory
cve.org
访问
20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 mailing-list
cve.org
访问
20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities mailing-list
cve.org
访问
25280 third-party-advisory
cve.org
访问
RHSA-2007:0360 vendor-advisory
cve.org
访问
24732 third-party-advisory
cve.org
访问
ADV-2009-0233 vdb-entry
cve.org
访问
22960 vdb-entry
cve.org
访问
28365 third-party-advisory
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
ADV-2007-3386 vdb-entry
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
RHSA-2007:0327 vendor-advisory
cve.org
访问
27037 third-party-advisory
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
SSRT071447 vendor-advisory
cve.org
访问
ADV-2007-0975 vdb-entry
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
25159 vdb-entry
cve.org
访问
26660 third-party-advisory
cve.org
访问
RHSA-2008:0261 vendor-advisory
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
GLSA-200705-03 vendor-advisory
cve.org
访问
25106 third-party-advisory
cve.org
访问
2446 third-party-advisory
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal mailing-list
cve.org
访问
MDKSA-2007:241 vendor-advisory
cve.org
访问
SUSE-SR:2007:015 vendor-advisory
cve.org
访问
26235 third-party-advisory
cve.org
访问
oval:org.mitre.oval:def:10643 vdb-entry
cve.org
访问
[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ mailing-list
cve.org
访问
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ mailing-list
cve.org
访问
[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ mailing-list
cve.org
访问
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ mailing-list
cve.org
访问
[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ mailing-list
cve.org
访问
[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ mailing-list
cve.org
访问
[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ mailing-list
cve.org
访问
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/ mailing-list
cve.org
访问
[tomcat-dev] 20200213 svn commit: r1873980 [30/34] - /tomcat/site/trunk/docs/ mailing-list
cve.org
访问
ExploitDB EDB-29739 EXPLOIT
exploitdb
访问
Download Exploit EDB-29739 EXPLOIT
exploitdb
访问
CVE Reference: CVE-2007-0450 ADVISORY
cve.org
访问
CVSS评分详情
5.0
MEDIUM
CVSS向量: AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS版本: 2.0
机密性
PARTIAL
完整性
NONE
可用性
NONE
时间信息
发布时间:
2007-03-16 22:00:00
修改时间:
2024-08-07 12:19:30
创建时间:
2025-11-11 15:32:41
更新时间:
2025-11-11 16:25:09
利用信息
此漏洞有可利用代码!
利用代码数量: 1
利用来源:
未知
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2007-0450 2025-11-11 15:17:49 2025-11-11 07:32:41
NVD nvd_CVE-2007-0450 2025-11-11 14:52:09 2025-11-11 07:41:26
CNNVD cnnvd_CNNVD-200703-400 2025-11-11 15:08:51 2025-11-11 07:49:15
EXPLOITDB exploitdb_EDB-29739 2025-11-11 15:05:25 2025-11-11 08:25:09
版本与语言
当前版本: v4
主要语言: EN
支持语言:
EN ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4 EXPLOITDB
2025-11-11 16:25:09
references_count: 56 → 59; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
  • references_count: 56 -> 59
  • tags_count: 0 -> 4
  • data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3 CNNVD
2025-11-11 15:49:15
vulnerability_type: 未提取 → 路径遍历; cnnvd_id: 未提取 → CNNVD-200703-400; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 路径遍历
  • cnnvd_id: 未提取 -> CNNVD-200703-400
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:41:26
cvss_score: 未提取 → 5.0; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:P/I:N/A:N; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 2; references_count: 57 → 56; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • cvss_score: 未提取 -> 5.0
  • cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:N/A:N
  • cvss_version: NOT_EXTRACTED -> 2.0
  • affected_products_count: 0 -> 2
  • references_count: 57 -> 56
  • data_sources: ['cve'] -> ['cve', 'nvd']