CVE-2006-3835

CVE-2006-3835 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.

Learn more about our Cis Benchmark Audit For Apache Tomcat.