The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Jetty

vulnerability alert CVE-2016-4800

Eclipse Jetty: directory traversal with backslash characters

Synthesis of the vulnerability

An attacker can traverse directories of Eclipse Jetty, in order to read a file outside the service root path.
Impacted products: Jetty.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 30/05/2016.
Identifiers: CVE-2016-4800, ocert-2016-001, VIGILANCE-VUL-19731, ZDI-16-362.

Description of the vulnerability

Eclipse Jetty is an HTTP server and a servlet engine.

An HTTP server must normalize the path sent in the requested URL and take escapes into account. However, Jetty handles path decoding incorrectly. The proposed countermeasure suggests that "\" is accepted as a path separator, whereas only "/" is valid in URLs. Using "\n" instead of "/" would allow the client to access the machine code tree and configuration tree in the targeted servlet.

An attacker can therefore traverse directories of Eclipse Jetty, in order to read a file outside the service root path.
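The check below is an added example, not code from this bulletin or from Jetty, and it is not Jetty's actual fix. It shows one defensive way to map a request path to a file: decode escapes once, refuse any backslash, normalize, and confirm the result is still under the service root. The class name, the root directory and the sample paths are constructed for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Optional;

public class SafePathResolver {  // hypothetical helper, not a Jetty class

    /** Maps a raw request path to a file under root, or empty if it must be refused. */
    static Optional<Path> resolve(Path root, String rawPath) {
        String decoded;
        try {
            // java.net.URI rejects a literal '\' and decodes %XX escapes exactly once.
            decoded = new URI(rawPath).getPath();
        } catch (URISyntaxException e) {
            return Optional.empty();
        }
        if (decoded == null || !decoded.startsWith("/")) return Optional.empty();
        // Only '/' separates URL segments: refuse a decoded '\' (for example %5C)
        // instead of letting the file system treat it as a separator.
        if (decoded.indexOf('\\') >= 0 || decoded.indexOf('\0') >= 0) return Optional.empty();
        try {
            Path base = root.toAbsolutePath().normalize();
            Path target = base.resolve(decoded.substring(1)).normalize();
            // After normalization the target must still sit under the service root.
            return target.startsWith(base) ? Optional.of(target) : Optional.empty();
        } catch (InvalidPathException e) {
            return Optional.empty();
        }
    }

    public static void main(String[] args) {
        Path root = Paths.get("/srv/app/static");  // constructed service root
        String[] samples = {                        // constructed request paths
            "/css/site.css",          // served
            "/a/../css/site.css",     // served after normalization
            "/../conf/app.xml",       // refused: leaves the root
            "/%2e%2e/conf/app.xml",   // refused: encoded dot segments
            "/..%5Cconf%5Capp.xml",   // refused: encoded backslash
            "/..\\conf\\app.xml"      // refused: literal backslash
        };
        for (String s : samples) {
            System.out.println(s + " -> "
                + resolve(root, s).map(Path::toString).orElse("REFUSED"));
        }
    }
}
```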

computer vulnerability 17015

Eclipse Jetty: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Eclipse Jetty.
Impacted products: Jetty.
Severity: 2/4.
Consequences: user access/rights, client access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 01/06/2015.
Identifiers: 461499, 465053, 468747, VIGILANCE-VUL-17015.

Description of the vulnerability

Several vulnerabilities were announced in Eclipse Jetty.

An attacker can create a connection leak in ConnectionPool, in order to trigger a denial of service. [severity:2/4; 461499]

An attacker can generate a buffer overflow in gzip, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; 465053]

An attacker can trigger a Cross Site Scripting in HttpSpiContextHandler, in order to execute JavaScript code in the context of the web site. [severity:2/4; 468747]
