exploits , vulnerabilities , articles , Apache Tomcat WebDav Remote Information Disclosure Vulnerability

Title	Apache Tomcat WebDav Remote Information Disclosure Vulnerability
Published	2007-10-14-12:00AM
Updated	2008-03-11-03:31PM
Class	Design Error
CVE	CVE-2007-5461 E-2007-5731
Remote	Yes
Local	No
Credit	eliteb0y discovered this issue.
Vulnerable	S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Standard Server 8.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE LINUX Retail Solution 8.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. SuSE Linux OpenXchange 4.1 S.u.S.E. SUSE Linux Enterprise Server 9 SP3 S.u.S.E. SUSE Linux Enterprise Server 10 SP1 S.u.S.E. SUSE Linux Enterprise Server 10 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1 S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO S.u.S.E. SLE SDK 10.SP1 S.u.S.E. SLE SDK 10 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. openSUSE 10.1 S.u.S.E. OpenEnterpriseServer 9.0 S.u.S.E. OpenEnterpriseServer 1 S.u.S.E. OpenEnterpriseServer 0 S.u.S.E. Office Server S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop SDK 9.0 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Novell Linux Desktop 1.0 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 10.2 x86_64 S.u.S.E. Linux Professional 10.2 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 10.2 x86_64 S.u.S.E. Linux Personal 10.2 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux Openexchange Server S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Enterprise Server 10.SP1 S.u.S.E. Linux Enterprise Server 10 S.u.S.E. Linux Enterprise SDK 10 SP1 S.u.S.E. Linux Enterprise SDK 10 S.u.S.E. Linux Desktop 1.0 S.u.S.E. Linux Desktop 10 S.u.S.E. Linux 10.1 x8664 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x8664 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc RedHat Fedora 7 0 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 IBM WebSphere Application Server Community Edition 2.0 1 IBM WebSphere Application Server Community Edition 2.0 IBM WebSphere Application Server Community Edition 1.1 2 IBM WebSphere Application Server Community Edition 1.1 1 IBM WebSphere Application Server Community Edition 1.0.1 2 IBM WebSphere Application Server Community Edition 1.0.1 1 IBM WebSphere Application Server Community Edition 1.0.1 IBM WebSphere Application Server Community Edition 1.0 1 IBM WebSphere Application Server Community Edition 1.1 IBM WebSphere Application Server Community Edition 1.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Apache Software Foundation Tomcat 6.0.14 Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat 6.0.10 Apache Software Foundation Tomcat 6.0.9 Apache Software Foundation Tomcat 6.0.8 Apache Software Foundation Tomcat 6.0.7 Apache Software Foundation Tomcat 6.0.6 Apache Software Foundation Tomcat 6.0.5 Apache Software Foundation Tomcat 6.0.4 Apache Software Foundation Tomcat 6.0.3 Apache Software Foundation Tomcat 6.0.2 Apache Software Foundation Tomcat 6.0.1 Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.5.24 Apache Software Foundation Tomcat 5.5.23 Apache Software Foundation Tomcat 5.5.22 Apache Software Foundation Tomcat 5.5.21 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.19 Apache Software Foundation Tomcat 5.5.18 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.16 Apache Software Foundation Tomcat 5.5.15 Apache Software Foundation Tomcat 5.5.14 Apache Software Foundation Tomcat 5.5.13 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.9 Apache Software Foundation Tomcat 5.5.9 Apache Software Foundation Tomcat 5.5.8 Apache Software Foundation Tomcat 5.5.8 Apache Software Foundation Tomcat 5.5.7 Apache Software Foundation Tomcat 5.5.7 Apache Software Foundation Tomcat 5.5.6 Apache Software Foundation Tomcat 5.5.6 Apache Software Foundation Tomcat 5.5.5 Apache Software Foundation Tomcat 5.5.5 Apache Software Foundation Tomcat 5.5.4 Apache Software Foundation Tomcat 5.5.4 Apache Software Foundation Tomcat 5.5.3 Apache Software Foundation Tomcat 5.5.3 Apache Software Foundation Tomcat 5.5.2 Apache Software Foundation Tomcat 5.5.2 Apache Software Foundation Tomcat 5.5.1 Apache Software Foundation Tomcat 5.5.1 Apache Software Foundation Tomcat 5.5 Apache Software Foundation Tomcat 5.5 Apache Software Foundation Tomcat 5.4 Apache Software Foundation Tomcat 5.3 Apache Software Foundation Tomcat 5.2 Apache Software Foundation Tomcat 5.1 Apache Software Foundation Tomcat 5.0.31 Apache Software Foundation Tomcat 5.0.30 Apache Software Foundation Tomcat 5.0.30 Apache Software Foundation Tomcat 5.0.28 Apache Software Foundation Tomcat 5.0.19 Apache Software Foundation Tomcat 5.0.16 Apache Software Foundation Tomcat 5.0.15 Apache Software Foundation Tomcat 5.0.14 Apache Software Foundation Tomcat 5.0.13 Apache Software Foundation Tomcat 5.0.12 Apache Software Foundation Tomcat 5.0.11 Apache Software Foundation Tomcat 5.0.10 Apache Software Foundation Tomcat 5.0.9 Apache Software Foundation Tomcat 5.0.8 Apache Software Foundation Tomcat 5.0.7 Apache Software Foundation Tomcat 5.0.6 Apache Software Foundation Tomcat 5.0.5 Apache Software Foundation Tomcat 5.0.4 Apache Software Foundation Tomcat 5.0.3 Apache Software Foundation Tomcat 5.0.2 Apache Software Foundation Tomcat 5.0.1 Apache Software Foundation Tomcat 5.0 Apache Software Foundation Tomcat 4.1.37 Apache Software Foundation Tomcat 4.1.36 Apache Software Foundation Tomcat 4.1.36 Apache Software Foundation Tomcat 4.1.34 Apache Software Foundation Tomcat 4.1.34 Apache Software Foundation Tomcat 4.1.32 Apache Software Foundation Tomcat 4.1.31 Apache Software Foundation Tomcat 4.1.24 Apache Software Foundation Tomcat 4.1.12 Apache Software Foundation Tomcat 4.1.10 Apache Software Foundation Tomcat 4.1.9 beta Apache Software Foundation Tomcat 4.1.3 beta Apache Software Foundation Tomcat 4.1 BSDI BSD/OS 4.0 Caldera OpenLinux 2.4 Conectiva Linux 5.1 Debian Linux 2.3 Debian Linux 2.2 Debian Linux 2.1 Digital UNIX 4.0 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.5 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 x86 NetBSD NetBSD 1.4.1 x86 RedHat Linux 6.2 i386 RedHat Linux 6.1 i386 SGI IRIX 6.5 SGI IRIX 6.4 SGI IRIX 3.3 Sun Solaris 7.0 Sun Solaris 8 Apache Software Foundation Tomcat 4.1 Apache Software Foundation Tomcat 4.0.7 Apache Software Foundation Tomcat 4.0.6 Apache Software Foundation Tomcat 4.0.6 Apache Software Foundation Tomcat 4.0.5 RedHat Stronghold 4.0 Apache Software Foundation Tomcat 4.0.5 Apache Software Foundation Tomcat 4.0.4 Apache Software Foundation Tomcat 4.0.4 Apache Software Foundation Tomcat 4.0.3 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Apache Software Foundation Tomcat 4.0.3 Apache Software Foundation Tomcat 4.0.2 Apache Software Foundation Tomcat 4.0.2 Apache Software Foundation Tomcat 4.0.1 Apache Software Foundation Tomcat 4.0.1 Apache Software Foundation Tomcat 4.0 BSDI BSD/OS 4.0 Caldera OpenLinux 2.4 Conectiva Linux 5.1 Debian Linux 2.2 Debian Linux 2.1 Digital UNIX 4.0 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.0 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 x86 NetBSD NetBSD 1.4.1 x86 RedHat Linux 6.2 i386 RedHat Linux 6.1 i386 SGI IRIX 6.5 SGI IRIX 6.4 Sun Solaris 7.0 Sun Solaris 8 Apache Software Foundation Tomcat 4.0 Apache Software Foundation Tomcat 5.0 Apache Software Foundation Tomcat 4.0.0 RC2 Apache Software Foundation Jakarta Slide 2.1 Apache Software Foundation Geronimo 2.0.2 Apache Software Foundation Geronimo 2.0.1 Apache Software Foundation Geronimo 1.1 Apache Software Foundation Geronimo 1.0.1 Apache Software Foundation Geronimo 1.0
Not Vulnerable
Code	The following exploits are available: /data/vulnerabilities/exploits/tomcat_webdav_26070.pl /data/vulnerabilities/exploits/tomcat_webdav_ssl_only_26070.pl /data/vulnerabilities/exploits/jakarta_slide_26070.pl
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-17 HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities
2009-12-17 iDevSpot iSupport Multiple Cross Site Scripting Vulnerabilities
2009-12-17 GNU Automake Insecure Directory Permissions Vulnerability
2009-12-17 Mozilla Firefox CVE-2009-3979 Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Mozilla Firefox CVE-2009-3981 Remote Memory Corruption Vulnerability
2009-12-17 Drupal Sections Module HTML Injection Vulnerability
2009-12-17 Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2009-12-17 Mozilla Firefox and Sea Monkey Insecure Protocol Location Bar Spoofing Vulnerability
2009-12-17 Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
2009-12-17 Mozilla Firefox/SeaMonkey GeckoActiveXObject Exception Message COM Object Enumeration Vulnerability