CVE-2007-0450

Name of the Vulnerable Software and Affected Versions Apache HTTP Server and Tomcat versions prior to 5.5.22 and 6.0.10 Tomcat versions prior to 5.5.22 and 6.0.10

Description The issue allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL. This occurs when using certain proxy modules, including mod proxy, mod rewrite, and mod jk. The characters are valid separators in Tomcat but not in Apache.

Recommendations For Apache HTTP Server and Tomcat versions prior to 5.5.22 and 6.0.10, consider disabling the mod proxy, mod rewrite, and mod jk modules until a patch is available. For Tomcat versions prior to 5.5.22 and 6.0.10, restrict access to the vulnerable proxy modules to minimize the risk of exploitation. Avoid using the .. (dot dot) sequence with combinations of / (slash), `` (backslash), and URL-encoded backslash (%5C) characters in the URL until the issue is resolved.