Bug#528389: CVE-2009-1523: Directory traversal vulnerability in the HTTP server in Mort Bay Jetty
Luciano Bello
luciano at debian.org
Tue May 12 16:00:42 UTC 2009
Package: jetty
Severity: serious
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for jetty.
CVE-2009-1523[0]:
| Directory traversal vulnerability in the HTTP server in Mort Bay Jetty
| before 6.1.17, and 7.0.0.M2 and earlier 7.x versions, allows remote
| attackers to access arbitrary files via directory traversal sequences
| in the URI.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1523
http://security-tracker.debian.net/tracker/CVE-2009-1523
More information about the pkg-java-maintainers
mailing list