CVE-2008-5518 - OpenCVE

Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact None

AV:N/AC:L/Au:N/C:C/I:C/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Geronimo
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:apache:geronimo:2.1:::::::*
	cpe:2.3:a:apache:geronimo:2.1.1:::::::*
	cpe:2.3:a:apache:geronimo:2.1.2:::::::*
	cpe:2.3:a:apache:geronimo:2.1.3:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://dsecrg.com/pages/vul/show.php?id=118
http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214
http://issues.apache.org/jira/browse/GERONIMO-4597
http://secunia.com/advisories/34715
http://www.securityfocus.com/archive/1/502733/100/0/threaded
http://www.securityfocus.com/bid/34562
http://www.vupen.com/english/advisories/2009/1089
https://exchange.xforce.ibmcloud.com/vulnerabilities/49898
https://exchange.xforce.ibmcloud.com/vulnerabilities/49899
https://exchange.xforce.ibmcloud.com/vulnerabilities/49900
https://www.exploit-db.com/exploits/8458

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-04-17T14:00:00

Updated: 2024-08-07T10:56:46.696Z

Reserved: 2008-12-12T00:00:00

Link: CVE-2008-5518

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-04-17T14:30:00.500

Modified: 2018-10-11T20:55:45.080

Link: CVE-2008-5518

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-16T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "geronimo-keystores-directory-traversal(49900)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900"}, {"name": "geronimo-dbmanager-directory-traversal(49899)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214"}, {"name": "ADV-2009-1089", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1089"}, {"name": "34562", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34562"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.apache.org/jira/browse/GERONIMO-4597"}, {"name": "34715", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34715"}, {"name": "geronimo-repository-directory-traversal(49898)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898"}, {"name": "8458", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/8458"}, {"name": "20090416 [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/502733/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://dsecrg.com/pages/vul/show.php?id=118"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-5518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "geronimo-keystores-directory-traversal(49900)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900"}, {"name": "geronimo-dbmanager-directory-traversal(49899)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899"}, {"name": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214", "refsource": "CONFIRM", "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214"}, {"name": "ADV-2009-1089", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1089"}, {"name": "34562", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34562"}, {"name": "http://issues.apache.org/jira/browse/GERONIMO-4597", "refsource": "CONFIRM", "url": "http://issues.apache.org/jira/browse/GERONIMO-4597"}, {"name": "34715", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34715"}, {"name": "geronimo-repository-directory-traversal(49898)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898"}, {"name": "8458", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/8458"}, {"name": "20090416 [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/502733/100/0/threaded"}, {"name": "http://dsecrg.com/pages/vul/show.php?id=118", "refsource": "MISC", "url": "http://dsecrg.com/pages/vul/show.php?id=118"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:56:46.696Z"}, "title": "CVE Program Container", "references": [{"name": "geronimo-keystores-directory-traversal(49900)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900"}, {"name": "geronimo-dbmanager-directory-traversal(49899)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214"}, {"name": "ADV-2009-1089", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1089"}, {"name": "34562", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34562"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://issues.apache.org/jira/browse/GERONIMO-4597"}, {"name": "34715", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34715"}, {"name": "geronimo-repository-directory-traversal(49898)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898"}, {"name": "8458", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/8458"}, {"name": "20090416 [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/502733/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dsecrg.com/pages/vul/show.php?id=118"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-5518", "datePublished": "2009-04-17T14:00:00", "dateReserved": "2008-12-12T00:00:00", "dateUpdated": "2024-08-07T10:56:46.696Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:geronimo:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ECF8E5A6-BCAA-428E-A703-6D1508AE2DA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:geronimo:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7353F7C5-18E8-4310-B31E-9B13963E3F18", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:geronimo:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "73F4CBB7-FF16-4B01-85B2-5B3FE7C8BE3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:geronimo:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "366DB1DC-39E2-43A1-9A23-37B7A75F7D07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en la consola de administraci\u00f3n web en Apache Geronimo Application Server 2.1 a 2.1.3 en Windows permiten a atacantes remotos subir ficheros a directorios de su elecci\u00f3n a trav\u00e9s de secuencias de salto de directorio en los par\u00e1metros 1) group, (2) artifact, (3) version, o (4) fileType para console/portal//Services/Repository (tambi\u00e9n conocido como el portlet Services/Repository); (5) el par\u00e1metro createDB para console/portal/Embedded DB/DB Manager (tambi\u00e9n conocido como el portlet Embedded DB/DB Manager); o el par\u00e1metro filename para el script createKeystore en el portlet Security/Keystores."}], "id": "CVE-2008-5518", "lastModified": "2018-10-11T20:55:45.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 9.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-17T14:30:00.500", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://dsecrg.com/pages/vul/show.php?id=118"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://issues.apache.org/jira/browse/GERONIMO-4597"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/34715"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/502733/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/34562"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/1089"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900"}, {"source": "secalert@redhat.com", "url": "https://www.exploit-db.com/exploits/8458"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}