Executive Summary
Summary | |
---|---|
Title | tomcat security update |
Informations | |||
---|---|---|---|
Name | RHSA-2007:0569 | First vendor Publication | 2007-07-17 |
Vendor | RedHat | Last vendor Modification | 2007-07-17 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated tomcat packages that fix two security issues and a packaging bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages (JSP) technologies. Some JSPs within the 'examples' web application did not escape user provided data. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks (CVE-2007-2449). Note: it is recommended the 'examples' web application not be installed on a production system. The Manager and Host Manager web applications did not escape user provided data. If a user is logged in to the Manager or Host Manager web application, an attacker could perform a cross-site scripting attack (CVE-2007-2450). Users of Tomcat should update to these erratum packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 244804 - CVE-2007-2449 tomcat examples jsp XSS 244808 - CVE-2007-2450 tomcat host manager XSS 244846 - /var/tmp/rpm-tmp.25596: line 5: /usr/bin/rebuild-gcj-db: No such file or directory |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-0569.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10578 | |||
Oval ID: | oval:org.mitre.oval:def:10578 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2449 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11287 | |||
Oval ID: | oval:org.mitre.oval:def:11287 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors. | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2450 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20358 | |||
Oval ID: | oval:org.mitre.oval:def:20358 | ||
Title: | DSA-1468-1 tomcat5.5 | ||
Description: | Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1468-1 CVE-2008-0128 CVE-2007-2450 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | tomcat5.5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7601 | |||
Oval ID: | oval:org.mitre.oval:def:7601 | ||
Title: | DSA-1468 tomcat5.5 -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems: Olaf Kock discovered that HTTPS encryption was insufficiently enforced for single-sign-on cookies, which could result in information disclosure. It was discovered that the Manager and Host Manager web applications performed insufficient input sanitising, which could lead to cross site scripting. This update also adapts the tomcat5.5-webapps package to the tightened JULI permissions introduced in the previous tomcat5.5 DSA. However, it should be noted, that the tomcat5.5-webapps is for demonstration and documentation purposes only and should not be used for production systems. The old stable distribution (sarge) doesn't contain tomcat5.5. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1468 CVE-2008-0128 CVE-2007-2450 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | tomcat5.5 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004 File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl |
2009-10-13 | Name : SLES10: Security update for Tomcat 5 File : nvt/sles10_tomcat53.nasl |
2009-10-13 | Name : SLES10: Security update for Websphere Community Edition File : nvt/sles10_websphere-as_ce0.nasl |
2009-10-10 | Name : SLES9: Security update for Tomcat File : nvt/sles9p5023110.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02262 File : nvt/gb_hp_ux_HPSBUX02262.nasl |
2009-04-09 | Name : Mandriva Update for tomcat5 MDKSA-2007:241 (tomcat5) File : nvt/gb_mandriva_MDKSA_2007_241.nasl |
2009-02-27 | Name : Fedora Update for tomcat5 FEDORA-2007-3456 File : nvt/gb_fedora_2007_3456_tomcat5_fc7.nasl |
2009-02-27 | Name : Fedora Update for tomcat5 FEDORA-2007-3474 File : nvt/gb_fedora_2007_3474_tomcat5_fc8.nasl |
2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
2009-02-17 | Name : Fedora Update for tomcat5 FEDORA-2008-8130 File : nvt/gb_fedora_2008_8130_tomcat5_fc8.nasl |
2009-02-16 | Name : Fedora Update for tomcat5 FEDORA-2008-1467 File : nvt/gb_fedora_2008_1467_tomcat5_fc7.nasl |
2009-02-16 | Name : Fedora Update for tomcat5 FEDORA-2008-1603 File : nvt/gb_fedora_2008_1603_tomcat5_fc8.nasl |
2009-02-02 | Name : Ubuntu USN-710-1 (xine-lib) File : nvt/ubuntu_710_1.nasl |
2009-02-02 | Name : Ubuntu USN-711-1 (ktorrent) File : nvt/ubuntu_711_1.nasl |
2009-02-02 | Name : Ubuntu USN-712-1 (vim) File : nvt/ubuntu_712_1.nasl |
2008-01-31 | Name : Debian Security Advisory DSA 1468-1 (tomcat5.5) File : nvt/deb_1468_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36080 | Apache Tomcat JSP Examples Crafted URI XSS |
36079 | Apache Tomcat Manager Uploaded Filename XSS Apache Tomcat contains a flaw that allows a remote cross site scripting attack. This flaw exists because the Manager and Host Manager applications do not validate the filename of files uploaded via the /manager/html/upload utility. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0569.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070717_tomcat_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-12-07 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_5_5_25.nasl - Type : ACT_GATHER_INFO |
2010-06-16 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_4_1_37.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0630.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_websphere-as_ce-5850.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12116.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-241.nasl - Type : ACT_GATHER_INFO |
2008-09-17 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8130.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-004.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_4.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote openSUSE host is missing a security update. File : suse_tomcat55-5069.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tomcat5-5070.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote openSUSE host is missing a security update. File : suse_tomcat5-5071.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1603.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1467.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1468.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3474.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3456.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0569.nasl - Type : ACT_GATHER_INFO |
2007-07-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0569.nasl - Type : ACT_GATHER_INFO |
2007-06-18 | Name : The remote Apache Tomcat web server contains a JSP application that is affect... File : tomcat_snoop_uri_xss.nasl - Type : ACT_ATTACK |
Alert History
Date | Informations |
---|---|
2014-02-17 11:50:50 |
|