Arch Linux Security Advisory ASA-201706-7
========================================
Severity: High
Date    : 2017-06-06
CVE-ID  : CVE-2017-5664
Package : tomcat8
Type    : access restriction bypass
Remote  : Yes
Link    : https://security.archlinux.org/AVG-291

Summary
======
The package tomcat8 before version 8.0.44-1 is vulnerable to access
restriction bypass.

Resolution
=========
Upgrade to 8.0.44-1.

# pacman -Syu "tomcat8>=8.0.44-1"

The problem has been fixed upstream in version 8.0.44.

Workaround
=========
None.

Description
==========
A security issue has been found in Apache Tomcat < 7.0.18 and < 8.0.44.
The error page mechanism of the Java Servlet Specification requires
that, when an error occurs and an error page is configured for the
error that occurred, the original request and response are forwarded to
the error page. This means that the request is presented to the error
page with the original HTTP method. If the error page is a static file,
expected behaviour is to serve the content of the file as if processing
a GET request, regardless of the actual HTTP method. Tomcat's Default
Servlet did not do this. Depending on the original request this could
lead to unexpected and undesirable results for static error pages
including, if the DefaultServlet is configured to permit writes, the
replacement or removal of the custom error page.

Impact
=====
A remote attacker can alter, replace or remove the custom error page of
an affected server by sending an HTTP request with a specific method.

References
=========
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78
https://svn.apache.org/viewvc?view=revision&revision=1793471
https://svn.apache.org/viewvc?view=revision&revision=1793491
https://security.archlinux.org/CVE-2017-5664

ArchLinux: 201706-7: tomcat8: access restriction bypass

June 6, 2017

Summary

A security issue has been found in Apache Tomcat < 7.0.18 and < 8.0.44. The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve the content of the file as if processing a GET request, regardless of the actual HTTP method. Tomcat's Default Servlet did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page.

Resolution

Upgrade to 8.0.44-1. # pacman -Syu "tomcat8>=8.0.44-1"
The problem has been fixed upstream in version 8.0.44.

References

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44 https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78 https://svn.apache.org/viewvc?view=revision&revision=1793471 https://svn.apache.org/viewvc?view=revision&revision=1793491 https://security.archlinux.org/CVE-2017-5664

Severity
Package : tomcat8
Type : access restriction bypass
Remote : Yes
Link : https://security.archlinux.org/AVG-291

Workaround

None.

Related News

5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved