Search for vulnerabilities
Vulnerability details: VCID-e5pv-xmcx-hfc7
Vulnerability ID VCID-e5pv-xmcx-hfc7
Aliases CVE-2008-2938
GHSA-m7xj-ccqc-p4g2
Summary
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92931 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
generic_textual MODERATE https://exchange.xforce.ibmcloud.com/vulnerabilities/44411
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-m7xj-ccqc-p4g2
generic_textual MODERATE https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat/commit/c55ad56ed72ee1dbfe790bc5492d4df74e3e754f
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2008-2938
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587
generic_textual MODERATE http://support.apple.com/kb/HT3216
generic_textual MODERATE http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
generic_textual MODERATE https://web.archive.org/web/20080827130946/http://securityreason.com/securityalert/4148
generic_textual MODERATE https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
generic_textual MODERATE https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
generic_textual MODERATE https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
generic_textual MODERATE https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
generic_textual MODERATE https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
generic_textual MODERATE https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
generic_textual MODERATE https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
generic_textual MODERATE https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
generic_textual MODERATE https://web.archive.org/web/20100516085845/http://secunia.com/advisories/37297
generic_textual MODERATE https://web.archive.org/web/20110711210039/http://rhn.redhat.com/errata/RHSA-2008-0862.html
generic_textual MODERATE https://web.archive.org/web/20110713233239/http://rhn.redhat.com/errata/RHSA-2008-0648.html
generic_textual MODERATE https://web.archive.org/web/20110713234158/http://rhn.redhat.com/errata/RHSA-2008-0864.html
generic_textual MODERATE https://web.archive.org/web/20140628064423/http://www.securityfocus.com/archive/1/495318/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20140628064448/http://www.securityfocus.com/archive/1/507729/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20140826163457/http://www.securityfocus.com/bid/30633
generic_textual MODERATE https://web.archive.org/web/20140826171227/http://www.securitytracker.com/id?1020665
generic_textual MODERATE https://web.archive.org/web/20140826232500/http://www.securityfocus.com/bid/31681
generic_textual MODERATE https://web.archive.org/web/20140827130327/http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
generic_textual MODERATE https://web.archive.org/web/20200612070417/http://marc.info/?l=bugtraq&m=123376588623823&w=2
generic_textual MODERATE https://www.exploit-db.com/exploits/6229
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
generic_textual MODERATE http://tomcat.apache.org/security-4.html
generic_textual MODERATE http://tomcat.apache.org/security-5.html
generic_textual MODERATE http://tomcat.apache.org/security-6.html
generic_textual MODERATE http://www.kb.cert.org/vuls/id/343355
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2938.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2938
https://exchange.xforce.ibmcloud.com/vulnerabilities/44411
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/150bc791ac3ba40081425dd1c37a053fbb02b339
https://github.com/apache/tomcat/commit/c55ad56ed72ee1dbfe790bc5492d4df74e3e754f
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
https://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2008-2938
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587
http://support.apple.com/kb/HT3216
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
https://web.archive.org/web/20080827130946/http://securityreason.com/securityalert/4148
https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
https://web.archive.org/web/20100516085845/http://secunia.com/advisories/37297
https://web.archive.org/web/20110711210039/http://rhn.redhat.com/errata/RHSA-2008-0862.html
https://web.archive.org/web/20110713233239/http://rhn.redhat.com/errata/RHSA-2008-0648.html
https://web.archive.org/web/20110713234158/http://rhn.redhat.com/errata/RHSA-2008-0864.html
https://web.archive.org/web/20140628064423/http://www.securityfocus.com/archive/1/495318/100/0/threaded
https://web.archive.org/web/20140628064448/http://www.securityfocus.com/archive/1/507729/100/0/threaded
https://web.archive.org/web/20140826163457/http://www.securityfocus.com/bid/30633
https://web.archive.org/web/20140826171227/http://www.securitytracker.com/id?1020665
https://web.archive.org/web/20140826232500/http://www.securityfocus.com/bid/31681
https://web.archive.org/web/20140827130327/http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
https://web.archive.org/web/20200612070417/http://marc.info/?l=bugtraq&m=123376588623823&w=2
https://www.exploit-db.com/exploits/6229
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.kb.cert.org/vuls/id/343355
http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
456120 https://bugzilla.redhat.com/show_bug.cgi?id=456120
CVE-2008-2938 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/14489.c
GHSA-m7xj-ccqc-p4g2 https://github.com/advisories/GHSA-m7xj-ccqc-p4g2
OSVDB-47464;CVE-2008-2938 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6229.txt
Data source Metasploit
Description This module tests whether a directory traversal vulnerability is present in Trend Micro DLP (Data Loss Prevention) Appliance v5.5 build <= 1294. The vulnerability appears to be actually caused by the Tomcat UTF-8 bug which is implemented in module tomcat_utf8_traversal CVE 2008-2938. This module simply tests for the same bug with Trend Micro specific settings. Note that in the Trend Micro appliance, /etc/shadow is not used and therefore password hashes are stored and anonymously accessible in the passwd file.
Note 
Stability:
  - crash-safe
SideEffects:
  - ioc-in-logs
Reliability: []
Ransomware campaign use Unknown
Source publication date Jan. 9, 2009
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb
Data source Exploit-DB
Date added July 28, 2010
Description Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal
Ransomware campaign use Known
Source publication date July 28, 2010
Exploit type remote
Platform unix
Source update date March 30, 2017
Exploit Prediction Scoring System (EPSS)
Percentile 0.99763
EPSS Score 0.92931
Published At Sept. 21, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T07:58:39.009686+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 37.0.0