CVE-2009-1523
CVE-2009-1523
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/36318no verificadoexploitdbwww.exploit-db.com/exploits/18138no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388http://jira.codehaus.org/browse/JETTY-1004https://bugzilla.redhat.com/show_bug.cgi?id=499867http://secunia.com/advisories/34975http://secunia.com/advisories/35143http://secunia.com/advisories/35225http://secunia.com/advisories/35776http://secunia.com/advisories/40553https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.htmlhttp://www.kb.cert.org/vuls/id/402580