CVE-2006-2758

Name of the Vulnerable Software and Affected Versions jetty versions 6.0.x beta16

Description The issue allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. This is a directory traversal vulnerability.

Recommendations For jetty version 6.0.x beta16, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, consider implementing URL encoding validation to prevent the use of encoded ../ sequences in the URL. At the moment, there is no information about a newer version that contains a fix for this vulnerability.