Ubuntu 1097-1: Tomcat vulnerabilities

    Date29 Mar 2011
    CategoryUbuntu
    72
    Posted ByLinuxSecurity Advisories
    It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. (CVE-2010-3718) [More...]
    ===========================================================
    Ubuntu Security Notice USN-1097-1            March 29, 2011
    tomcat6 vulnerabilities
    CVE-2010-3718, CVE-2011-0013, CVE-2011-0534
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 9.10
    Ubuntu 10.04 LTS
    Ubuntu 10.10
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 9.10:
      libtomcat6-java                 6.0.20-2ubuntu2.4
      tomcat6-admin                   6.0.20-2ubuntu2.4
    
    Ubuntu 10.04 LTS:
      libtomcat6-java                 6.0.24-2ubuntu1.7
      tomcat6-admin                   6.0.24-2ubuntu1.7
    
    Ubuntu 10.10:
      libtomcat6-java                 6.0.28-2ubuntu1.2
      tomcat6-admin                   6.0.28-2ubuntu1.2
    
    In general, a standard system update will make all the necessary changes.
    
    Details follow:
    
    It was discovered that the Tomcat SecurityManager did not properly restrict
    the working directory. An attacker could use this flaw to read or write
    files outside of the intended working directory. (CVE-2010-3718)
    
    It was discovered that Tomcat did not properly escape certain parameters in
    the Manager application which could result in browsers becoming vulnerable
    to cross-site scripting attacks when processing the output. With cross-site
    scripting vulnerabilities, if a user were tricked into viewing server
    output during a crafted server request, a remote attacker could exploit
    this to modify the contents, or steal confidential data (such as
    passwords), within the same domain. (CVE-2011-0013)
    
    It was discovered that Tomcat incorrectly enforced the maxHttpHeaderSize
    limit in certain configurations. A remote attacker could use this flaw to
    cause Tomcat to consume all available memory, resulting in a denial of
    service. (CVE-2011-0534)
    
    
    Updated packages for Ubuntu 9.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.4.diff.gz
          Size/MD5:    30146 368440fa70bc0db3761dabf5f2709dda
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.4.dsc
          Size/MD5:     2199 24aa6255ebff7bd1eb07dfa60724e814
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20.orig.tar.gz
          Size/MD5:  3590562 44f49e7e14028b6a53c3c346bd18c72f
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:   247668 768a68b87440f30367d7411d0577d165
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:   183426 ed8f02b43e199f809f41fae880766e87
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:  2915040 4a12a41f6d19bd3b6ed60689ead5d006
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:    39302 c03eff75d4c4ae56b31f93665851a13a
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:    37028 5ecbb0f812963199b14d75f122f6e6f1
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:   480530 f6b5cef256b51db43e6312aed3036bf6
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:   419566 dbc1ceb31ccbd312b3b6e33bd1a852a2
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:    22166 68229ede69d18279fb42e8860b85dcb4
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.4_all.deb
          Size/MD5:    26564 e476efe024c88de1af97d90e741f6861
    
    Updated packages for Ubuntu 10.04 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.24-2ubuntu1.7.debian.tar.gz
          Size/MD5:    36286 14073ec9f0672f44cc6a32235e81c29d
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.24-2ubuntu1.7.dsc
          Size/MD5:     2405 6b7d220adbe7cd6be08219e82d9aa455
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.24.orig.tar.gz
          Size/MD5:  3262568 0bc48af723d6fee31e404434b3744f66
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:   255654 3ce49af59adc048b9d09f8835872def6
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:   190998 5ada256123bf0f2caed7997bafc5a64f
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:  3008834 98b54b99e32a9438303232367b66d607
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:    42308 50bc5b02ee89bcfb03db3008923b55de
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:    46510 5be3c6ac05b1abd929f43b0fcfe48b90
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:   510134 6a08a6206e048f73c57bb47e666e6033
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:   158016 ba1ac786b1bae3b826b8760a0de2e2ff
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:    25632 047bb156942e60dddb28002002c0bf82
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.24-2ubuntu1.7_all.deb
          Size/MD5:    31636 24c8c29feaa4d0e54e47f4fcd521d7b8
    
    Updated packages for Ubuntu 10.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.28-2ubuntu1.2.debian.tar.gz
          Size/MD5:    38583 a37a9a0eb6c8b47c02e68d3b2abf7bad
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.28-2ubuntu1.2.dsc
          Size/MD5:     2360 7195e057f375b37fb6bee143379aa709
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.28.orig.tar.gz
          Size/MD5:  3114279 c3d696609054be07a55c14a7de1b8ddf
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:   248152 d369aba28ffd0f4915cdfa5df802e8b2
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:   191768 6825151048eb76f3e689a544c8556b02
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:  3025748 2a472cf2b6cb4db888267bc0929d6bf3
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:    42910 2ece5f8876f3af69148d6e43fc76d5d5
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:    47558 f5e5851d790a889592ec76e39553a9a7
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:   514046 759531246db94fed8d60aa3acf875e9a
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:   161072 ce091b828050a221a1b79665a3e36e9b
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:    26196 cf4d5b3b1f61f30fe244cc51d11f1c10
        http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.28-2ubuntu1.2_all.deb
          Size/MD5:    33088 1dbe58b7fda5951c3192f57671cb54bb
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.