Intrusion Prevention



This indicates an attack attempt against a directory-traversal vulnerability in multiple products.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to read arbitrary files on the target host.

Affected Products

Apache Software Foundation Tomcat 6.0.16 and previous versions
3Com Network Supervisor 5.1 and previous versions
3Com Network Director 2.0 and previous versions


Information Disclosure

Recommended Actions

Contact your vendor for upgrade or patch information.

CVE References

CVE-2008-2938 CVE-2005-2020