Apache Tomcat にディレクトリトラバーサルの脆弱性
影響を受けるバージョン
- Apache Software Foundation Tomcat 6.0.16
- Apache Software Foundation Tomcat 6.0.15
- Apache Software Foundation Tomcat 6.0.14
- Apache Software Foundation Tomcat 6.0.13
- Apache Software Foundation Tomcat 6.0.12
- Apache Software Foundation Tomcat 6.0.11
- Apache Software Foundation Tomcat 6.0.10
- Apache Software Foundation Tomcat 6.0.9
- Apache Software Foundation Tomcat 6.0.8
- Apache Software Foundation Tomcat 6.0.7
- Apache Software Foundation Tomcat 6.0.6
- Apache Software Foundation Tomcat 6.0.5
- Apache Software Foundation Tomcat 6.0.4
- Apache Software Foundation Tomcat 6.0.3
- Apache Software Foundation Tomcat 6.0.2
- Apache Software Foundation Tomcat 6.0.1
- Apache Software Foundation Tomcat 6.0
- Apache Software Foundation Tomcat 5.5.26
- Apache Software Foundation Tomcat 5.5.25
- Apache Software Foundation Tomcat 5.5.24
- Apache Software Foundation Tomcat 5.5.23
- Apache Software Foundation Tomcat 5.5.22
- Apache Software Foundation Tomcat 5.5.21
- Apache Software Foundation Tomcat 5.5.20
- Apache Software Foundation Tomcat 5.5.19
- Apache Software Foundation Tomcat 5.5.18
- Apache Software Foundation Tomcat 5.5.17
- Apache Software Foundation Tomcat 5.5.16
- Apache Software Foundation Tomcat 5.5.15
- Apache Software Foundation Tomcat 5.5.14
- Apache Software Foundation Tomcat 5.5.13
- Apache Software Foundation Tomcat 5.5.12
- Apache Software Foundation Tomcat 5.5.11
- Apache Software Foundation Tomcat 5.5.10
- Apache Software Foundation Tomcat 5.5.9
- Apache Software Foundation Tomcat 5.5.8
- Apache Software Foundation Tomcat 5.5.7
- Apache Software Foundation Tomcat 5.5.6
- Apache Software Foundation Tomcat 5.5.5
- Apache Software Foundation Tomcat 5.5.4
- Apache Software Foundation Tomcat 5.5.3
- Apache Software Foundation Tomcat 5.5.2
- Apache Software Foundation Tomcat 5.5.1
- Apache Software Foundation Tomcat 5.5
- Apache Software Foundation Tomcat 4.1.37
- Apache Software Foundation Tomcat 4.1.36
- Apache Software Foundation Tomcat 4.1.36
- Apache Software Foundation Tomcat 4.1.34
- Apache Software Foundation Tomcat 4.1.34
- Gentoo Linux 1.4 _rc3
- Gentoo Linux 1.4 _rc2
- Gentoo Linux 1.4 _rc1
- Gentoo Linux 1.2
- Apache Software Foundation Tomcat 4.1.32
- Apache Software Foundation Tomcat 4.1.31
- Apache Software Foundation Tomcat 4.1.30
- Apache Software Foundation Tomcat 4.1.29
- Apache Software Foundation Tomcat 4.1.28
- Apache Software Foundation Tomcat 4.1.24
- Gentoo Linux 1.4 _rc3
- Gentoo Linux 1.4 _rc2
- Gentoo Linux 1.4 _rc1
- Gentoo Linux 1.2
- Apache Software Foundation Tomcat 4.1.12
- Apache Software Foundation Tomcat 4.1.10
- Apache Software Foundation Tomcat 4.1.9 beta
- Apache Software Foundation Tomcat 4.1.3 beta
- Apache Software Foundation Tomcat 4.1.3
- Apache Software Foundation Tomcat 4.1
影響を受けないバージョン
対策方法
Tomcat をアップグレードするか、allowLinking 属性を無効にし、URIEncoding を UTF8 にしない。