Date:         Thu, 23 Jul 2009 17:04:15 -0500
Reply-To:     Connie Sieh 
Sender:       Security Errata for Scientific Linux
              
From:         Connie Sieh 
Subject:      Security ERRATA Important: tomcat on SL5.x i386/x86_64
Comments: To: scientific 

Synopsis:          Important: tomcat security update
CVE: CVE-2007-5333 Improve cookie parsing for tomcat5
   CVE-2009-0781 tomcat: XSS in Apache Tomcat calendar application
   CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection
   CVE-2009-0580 tomcat6 Information disclosure in authentication classes
   CVE-2009-0783 tomcat XML parser information disclosure
   CVE-2008-5515 tomcat request dispatcher information disclosure vulnerability

It was discovered that a prior security errata for Tomcat version 
tomcat5-5.5.23-0jpp.3.0.2.el5 did not address all possible flaws in the 
way Tomcat handles certain characters and character sequences in cookie 
values. A remote attacker could use this flaw to obtain sensitive 
information, such as session IDs, and then use this information for 
session hijacking attacks. (CVE-2007-5333)

Note: The fix for the CVE-2007-5333 flaw changes the default cookie
processing behavior: with this update, version 0 cookies that contain
values that must be quoted to be valid are automatically changed to version
1 cookies. To reactivate the previous, but insecure behavior, add the
following entry to the "/etc/tomcat5/catalina.properties" file:

org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false

It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)

A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)
connector processes AJP connections. An attacker could use this flaw to
send specially-crafted requests that would cause a temporary denial of
service. (CVE-2009-0033)

It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackersto enumerate (via brute force methods) usernames registered with
applications running on Tomcat when FORM-based authentication was used.
(CVE-2009-0580)

A cross-site scripting (XSS) flaw was found in the examples calendar
application. With some web browsers, remote attackers could use this flaw
to inject arbitrary web script or HTML via the "time" parameter.
(CVE-2009-0781)

It was discovered that web applications containing their own XML parserscould replace the XML parser Tomcat uses to parse configuration files. A
malicious web application running on a Tomcat instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same Tomcat instance. (CVE-2009-0783)


SRPM:

    	tomcat5-5.5.23-0jpp.7.el5_3.2.src.rpm

i386:
    	tomcat5-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
    	tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpm

x86_64:
 	tomcat5-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
 	tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: Important: tomcat SL5.x i386/x86_64 Errata 17-04-15

Important: tomcat security update

Summary

Date:         Thu, 23 Jul 2009 17:04:15 -0500Reply-To:     Connie Sieh Sender:       Security Errata for Scientific Linux              From:         Connie Sieh Subject:      Security ERRATA Important: tomcat on SL5.x i386/x86_64Comments: To: scientific Synopsis:          Important: tomcat security updateCVE: CVE-2007-5333 Improve cookie parsing for tomcat5   CVE-2009-0781 tomcat: XSS in Apache Tomcat calendar application   CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection   CVE-2009-0580 tomcat6 Information disclosure in authentication classes   CVE-2009-0783 tomcat XML parser information disclosure   CVE-2008-5515 tomcat request dispatcher information disclosure vulnerabilityIt was discovered that a prior security errata for Tomcat version tomcat5-5.5.23-0jpp.3.0.2.el5 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks. (CVE-2007-5333)Note: The fix for the CVE-2007-5333 flaw changes the default cookieprocessing behavior: with this update, version 0 cookies that containvalues that must be quoted to be valid are automatically changed to version1 cookies. To reactivate the previous, but insecure behavior, add thefollowing entry to the "/etc/tomcat5/catalina.properties" file:org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=falseIt was discovered that request dispatchers did not properly normalize userrequests that have trailing query strings, allowing remote attackers tosend specially-crafted requests that would cause an information leak.(CVE-2008-5515)A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)connector processes AJP connections. An attacker could use this flaw tosend specially-crafted requests that would cause a temporary denial ofservice. (CVE-2009-0033)It was discovered that the error checking methods of certain authenticationclasses did not have sufficient error checking, allowing remote attackersto enumerate (via brute force methods) usernames registered withapplications running on Tomcat when FORM-based authentication was used.(CVE-2009-0580)A cross-site scripting (XSS) flaw was found in the examples calendarapplication. With some web browsers, remote attackers could use this flawto inject arbitrary web script or HTML via the "time" parameter.(CVE-2009-0781)It was discovered that web applications containing their own XML parserscould replace the XML parser Tomcat uses to parse configuration files. Amalicious web application running on a Tomcat instance could read or,potentially, modify the configuration and XML-based data of other webapplications deployed on the same Tomcat instance. (CVE-2009-0783)SRPM:    	tomcat5-5.5.23-0jpp.7.el5_3.2.src.rpmi386:    	tomcat5-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm    	tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpmx86_64: 	tomcat5-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm 	tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport
28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved