Info

Disclosure

Nov 05, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 6.1.6rc1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2007-5613 (see also: NVD)
CERT VU: 237888
Bugtraq ID: 26697
Secunia Advisory ID: 27925 30941 33978 35143
Related OSVDB ID: 42495 42496
Vendor Specific Solution URL: http://dist.codehaus.org/jetty/jetty-5.1.x/
Vendor Specific News/Changelog Entry: http://jira.codehaus.org/browse/JETTY-452
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt
Other Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/42497