Page History

CVE-2008-2370

describes a vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16. When a RequestDispatcher is used, Tomcat performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a1eee588-394c-4472-88a3-8570d9699984"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Injection [RST]"

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE ID 116, "Improper Encoding or Escaping of Output"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b1b558da96fda92d-211bc5a7-4fc14b73-8ef1ad16-2de586d124322ebfd65a4294"><ac:plain-text-body><![CDATA[

[[OWASP 2005

AA. Bibliography#OWASP 05]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d2c94214fdfdc3ee-e448d854-43234a6d-9ee4bc04-a10056b8095b837949d157c6"><ac:plain-text-body><![CDATA[

[[OWASP 2007

AA. Bibliography#OWASP 07]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5b20cd0a0e5bf860-6eddb36d-41a040f8-9408a0b5-6120a6c297fc07c938d442e7"><ac:plain-text-body><![CDATA[

[[OWASP 2008

AA. Bibliography#OWASP 08]]

]]></ac:plain-text-body></ac:structured-macro>

Testing for XML Injection (OWASP-DV-008)

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b64cf5482dc589e8-4e1aaa9d-47bc4235-8085b3ec-eef5d27950598f66ea3b3c27"><ac:plain-text-body><![CDATA[

[[W3C 2008

AA. Bibliography#W3C 08]]

4.4.3 Included If Validating

]]></ac:plain-text-body></ac:structured-macro>