PublicDate: 2008-01-08 11:46:00 UTC
Candidate: CVE-2007-6672
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6672
Description:
 Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection
 mechanisms and read the source of files via multiple '/' (slash) characters
 in the URI.
Ubuntu-Description:
Notes:
 jdstrand> Debian asked upstream if jetty 5 affected too
 mdeslaur> doesn't apply to jetty 5
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_jetty:
upstream_jetty: released (6.1.7)
dapper_jetty: ignored (reached end-of-life)
edgy_jetty: needs-triage (reached end-of-life)
feisty_jetty: needs-triage (reached end-of-life)
gutsy_jetty: needs-triage (reached end-of-life)
hardy_jetty: not-affected
intrepid_jetty: not-affected
jaunty_jetty: not-affected
karmic_jetty: not-affected
devel_jetty: not-affected (6.1.22-1ubuntu1)