English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 74154 CVE descriptions
and 39337 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68028
Category:Mandrake Local Security Checks
Title:Mandriva Security Advisory MDVSA-2010:176 (tomcat5)
Summary:Mandriva Security Advisory MDVSA-2010:176 (tomcat5)
Description:The remote host is missing an update to tomcat5
announced via advisory MDVSA-2010:176.

Multiple vulnerabilities has been found and corrected in tomcat5:

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0
through 4.1.36 does not properly handle (1) double quote () characters
or (2) \%5C (encoded backslash) sequences in a cookie value, which
might cause sensitive information such as session IDs to be leaked
to remote attackers and enable session hijacking attacks. NOTE:
this issue exists because of an incomplete fix for CVE-2007-3385
(CVE-2007-5333).

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through
6.0.18, and possibly earlier versions normalizes the target pathname
before filtering the query string when using the RequestDispatcher
method, which allows remote attackers to bypass intended access
restrictions and conduct directory traversal attacks via .. (dot dot)
sequences and the WEB-INF directory in a Request (CVE-2008-5515).

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0
through 6.0.18, when the Java AJP connector and mod_jk load balancing
are used, allows remote attackers to cause a denial of service
(application outage) via a crafted request with invalid headers,
related to temporary blocking of connectors that have encountered
errors, as demonstrated by an error involving a malformed HTTP Host
header (CVE-2009-0033).

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and
6.0.0 through 6.0.18, when FORM authentication is used, allows
remote attackers to enumerate valid usernames via requests to
/j_security_check with malformed URL encoding of passwords, related to
improper error checking in the (1) MemoryRealm, (2) DataSourceRealm,
and (3) JDBCRealm authentication realms, as demonstrated by a \%
(percent) value for the j_password parameter (CVE-2009-0580).

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0
through 6.0.18 permits web applications to replace an XML parser used
for other web applications, which allows local users to read or modify
the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web
applications via a crafted application that is loaded earlier than
the target application (CVE-2009-0783).

Directory traversal vulnerability in Apache Tomcat 5.5.0 through
5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or
overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file,
as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).

The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and
6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase
files that remain from a failed undeploy, which might allow remote
attackers to bypass intended authentication requirements via HTTP
requests (CVE-2009-2901).

Directory traversal vulnerability in Apache Tomcat 5.5.0 through
5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete
work-directory files via directory traversal sequences in a WAR
filename, as demonstrated by the ...war filename (CVE-2009-2902).

Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might
allow remote attackers to discover the server's hostname or IP
address by sending a request for a resource that requires (1) BASIC or
(2) DIGEST authentication, and then reading the realm field in the
WWW-Authenticate header in the reply (CVE-2010-1157).

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0
beta does not properly handle an invalid Transfer-Encoding header,
which allows remote attackers to cause a denial of service (application
outage) or obtain sensitive information via a crafted header that
interferes with recycling of a buffer. (CVE-2010-2227)

Packages for 2008.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:176

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3385
Bugtraq: 20070814 CVE-2007-3385: Handling of \" in cookies (Google Search)
http://www.securityfocus.com/archive/1/archive/1/476444/100/0/threaded
Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded
Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded
AIX APAR: IZ55562
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
Debian Security Information: DSA-1447 (Google Search)
http://www.debian.org/security/2008/dsa-1447
Debian Security Information: DSA-1453 (Google Search)
http://www.debian.org/security/2008/dsa-1453
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
HPdes Security Advisory: HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPdes Security Advisory: SSRT071447
HPdes Security Advisory: HPSBTU02276
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554
HPdes Security Advisory: SSRT071472
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
http://www.redhat.com/support/errata/RHSA-2007-0871.html
http://www.redhat.com/support/errata/RHSA-2007-0950.html
http://www.redhat.com/support/errata/RHSA-2008-0195.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
SuSE Security Announcement: SUSE-SR:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
CERT/CC vulnerability note: VU#993544
http://www.kb.cert.org/vuls/id/993544
BugTraq ID: 25316
http://www.securityfocus.com/bid/25316
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9549
http://secunia.com/advisories/36486
http://secunia.com/advisories/44183
http://www.vupen.com/english/advisories/2007/2902
http://www.vupen.com/english/advisories/2007/3386
http://www.vupen.com/english/advisories/2007/3527
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2009/0233
http://securitytracker.com/id?1018557
http://secunia.com/advisories/26466
http://secunia.com/advisories/26898
http://secunia.com/advisories/27037
http://secunia.com/advisories/27267
http://secunia.com/advisories/27727
http://secunia.com/advisories/28317
http://secunia.com/advisories/28361
http://secunia.com/advisories/29242
http://secunia.com/advisories/30802
http://secunia.com/advisories/33668
http://securityreason.com/securityalert/3011
XForce ISS Database: tomcat-slashcookie-information-disclosure(35999)
http://xforce.iss.net/xforce/xfdb/35999
Common Vulnerability Exposure (CVE) ID: CVE-2007-5333
Bugtraq: 20080208 [SECURITY] CVE-2007-5333: Tomcat Cookie handling vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/487822/100/0/threaded
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
AIX APAR: IZ20991
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991
AIX APAR: IZ20133
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
http://security.gentoo.org/glsa/glsa-200804-10.xml
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2009:018
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
http://jvn.jp/jp/JVN%2309470767/index.html
BugTraq ID: 27706
http://www.securityfocus.com/bid/27706
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11177
http://secunia.com/advisories/37460
http://secunia.com/advisories/57126
http://www.vupen.com/english/advisories/2008/0488
http://www.vupen.com/english/advisories/2008/1856/references
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2008/2690
http://secunia.com/advisories/28878
http://secunia.com/advisories/28884
http://secunia.com/advisories/28915
http://secunia.com/advisories/29711
http://secunia.com/advisories/30676
http://secunia.com/advisories/32036
http://secunia.com/advisories/32222
http://secunia.com/advisories/33330
http://securityreason.com/securityalert/3636
http://www.vupen.com/english/advisories/2009/3316
Common Vulnerability Exposure (CVE) ID: CVE-2008-5515
Bugtraq: 20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504170/100/0/threaded
Bugtraq: 20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504202/100/0/threaded
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Debian Security Information: DSA-2207 (Google Search)
http://www.debian.org/security/2011/dsa-2207
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
HPdes Security Advisory: HPSBUX02579
http://marc.info/?l=bugtraq&m=129070310906557&w=2
HPdes Security Advisory: SSRT100203
HPdes Security Advisory: HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
HPdes Security Advisory: SSRT101146
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
SuSE Security Announcement: SUSE-SR:2010:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://jvn.jp/en/jp/JVN63832775/index.html
BugTraq ID: 35263
http://www.securityfocus.com/bid/35263
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10422
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6445
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19452
http://secunia.com/advisories/35393
http://secunia.com/advisories/35685
http://secunia.com/advisories/35788
http://secunia.com/advisories/39317
http://secunia.com/advisories/42368
http://www.vupen.com/english/advisories/2009/1520
http://www.vupen.com/english/advisories/2009/1535
http://www.vupen.com/english/advisories/2009/1856
http://www.vupen.com/english/advisories/2010/3056
Common Vulnerability Exposure (CVE) ID: CVE-2009-0033
Bugtraq: 20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504044/100/0/threaded
http://jvn.jp/en/jp/JVN87272440/index.html
BugTraq ID: 35193
http://www.securityfocus.com/bid/35193
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10231
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5739
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19110
http://securitytracker.com/id?1022331
http://secunia.com/advisories/35326
http://secunia.com/advisories/35344
http://www.vupen.com/english/advisories/2009/1496
XForce ISS Database: tomcat-ajp-dos(50928)
http://xforce.iss.net/xforce/xfdb/50928
Common Vulnerability Exposure (CVE) ID: CVE-2009-0580
Bugtraq: 20090603 [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504045/100/0/threaded
Bugtraq: 20090604 Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504108/100/0/threaded
Bugtraq: 20090605 [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504125/100/0/threaded
BugTraq ID: 35196
http://www.securityfocus.com/bid/35196
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6628
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9101
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18915
http://securitytracker.com/id?1022332
XForce ISS Database: tomcat-jsecuritycheck-info-disclosure(50930)
http://xforce.iss.net/xforce/xfdb/50930
Common Vulnerability Exposure (CVE) ID: CVE-2009-0783
Bugtraq: 20090604 [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504090/100/0/threaded
BugTraq ID: 35416
http://www.securityfocus.com/bid/35416
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10716
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6450
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18913
http://www.securitytracker.com/id?1022336
XForce ISS Database: tomcat-xml-information-disclosure(51195)
http://xforce.iss.net/xforce/xfdb/51195
Common Vulnerability Exposure (CVE) ID: CVE-2009-2693
Bugtraq: 20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration (Google Search)
http://www.securityfocus.com/archive/1/archive/1/509148/100/0/threaded
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded
HPdes Security Advisory: HPSBUX02541
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
HPdes Security Advisory: SSRT100145
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177
http://www.redhat.com/support/errata/RHSA-2010-0119.html
http://www.redhat.com/support/errata/RHSA-2010-0580.html
http://www.redhat.com/support/errata/RHSA-2010-0582.html
SuSE Security Announcement: openSUSE-SU-2012:1700 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
SuSE Security Announcement: openSUSE-SU-2012:1701 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
SuSE Security Announcement: openSUSE-SU-2013:0147 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
http://ubuntu.com/usn/usn-899-1
BugTraq ID: 37944
http://www.securityfocus.com/bid/37944
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7017
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19355
http://securitytracker.com/id?1023505
http://secunia.com/advisories/38316
http://secunia.com/advisories/38346
http://secunia.com/advisories/38541
http://secunia.com/advisories/38687
http://secunia.com/advisories/40330
http://secunia.com/advisories/40813
http://secunia.com/advisories/43310
http://www.vupen.com/english/advisories/2010/0213
http://www.vupen.com/english/advisories/2010/1559
http://www.vupen.com/english/advisories/2010/1986
XForce ISS Database: tomcat-war-directory-traversal(55855)
http://xforce.iss.net/xforce/xfdb/55855
Common Vulnerability Exposure (CVE) ID: CVE-2009-2901
Bugtraq: 20100124 [SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy (Google Search)
http://www.securityfocus.com/archive/1/archive/1/509151/100/0/threaded
BugTraq ID: 37942
http://www.securityfocus.com/bid/37942
http://securitytracker.com/id?1023503
XForce ISS Database: tomcat-autodeploy-security-bypass(55856)
http://xforce.iss.net/xforce/xfdb/55856
Common Vulnerability Exposure (CVE) ID: CVE-2009-2902
Bugtraq: 20100124 [SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory (Google Search)
http://www.securityfocus.com/archive/1/archive/1/509150/100/0/threaded
BugTraq ID: 37945
http://www.securityfocus.com/bid/37945
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7092
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19431
http://securitytracker.com/id?1023504
XForce ISS Database: apache-tomcat-war-directory-traversal(55857)
http://xforce.iss.net/xforce/xfdb/55857
Common Vulnerability Exposure (CVE) ID: CVE-2010-1157
Bugtraq: 20100421 [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/510879/100/0/threaded
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.redhat.com/support/errata/RHSA-2011-0897.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
BugTraq ID: 39635
http://www.securityfocus.com/bid/39635
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19492
http://secunia.com/advisories/39574
http://www.vupen.com/english/advisories/2010/0980
Common Vulnerability Exposure (CVE) ID: CVE-2010-2227
Bugtraq: 20100709 [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/512272/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html
http://www.redhat.com/support/errata/RHSA-2010-0583.html
http://www.redhat.com/support/errata/RHSA-2010-0581.html
BugTraq ID: 41544
http://www.securityfocus.com/bid/41544
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18532
http://securitytracker.com/id?1024180
http://secunia.com/advisories/41025
http://secunia.com/advisories/42079
http://secunia.com/advisories/42454
http://www.vupen.com/english/advisories/2010/2868
XForce ISS Database: tomcat-transferencoding-dos(60264)
http://xforce.iss.net/xforce/xfdb/60264
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 39337 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.