This attack could pose a moderate security threat. It does not require immediate action.
This signature detects attempt to exploit a directory traversal vulnerability by sending UTF-8 encoded characters in URL to Apache Tomcat.
Apache Tomcat is a Java-based webserver application for multiple operating systems.
The application is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks. Note that successful exploitation requires 'allowLinking' field to be enabled, and the 'URIencoding' field to be set to 'UTF-8' in the 'server.xml' or 'context.xml' files.
- Tomcat 4.1.0 to 4.1.37
- Tomcat 5.5.0 to 5.5.26
- Tomcat 6.0.0 to 6.0.17
Download and install all vendor patches related to this vulnerability.