Описание
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple / (slash) characters in the URI.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6672
- https://web.archive.org/web/20080113051254/http://www.kb.cert.org/vuls/id/553235
- https://web.archive.org/web/20080120225723/http://jira.codehaus.org/browse/JETTY-386
- https://web.archive.org/web/20080120225728/http://jira.codehaus.org/browse/JETTY/fixforversion/13950
- https://web.archive.org/web/20080517012615/http://www.securityfocus.com/bid/27117
Пакеты
Наименование
org.mortbay.jetty:jetty
maven
Затронутые версииВерсия исправления
>= 6.1.5, <= 6.1.6
6.1.7
Связанные уязвимости
ubuntu
почти 18 лет назад
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
nvd
почти 18 лет назад
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
debian
почти 18 лет назад
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protec ...