<<< Date Index >>>     <<< Thread Index >>>

[ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:241
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : tomcat5
 Date    : December 10, 2007
 Affected: 2007.1, 2008.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were found in Tomcat:
 
 A directory traversal vulnerability, when using certain proxy modules,
 allows a remote attacker to read arbitrary files via a .. (dot dot)
 sequence with various slash, backslash, or url-encoded backslash
 characters (CVE-2007-0450; affects Mandriva Linux 2007.1 only).
 
 Multiple cross-site scripting vulnerabilities in certain JSP files
 allow remote attackers to inject arbitrary web script or HTML
 (CVE-2007-2449).
 
 Multiple cross-site scripting vulnerabilities in the Manager and Host
 Manager web applications allow remote authenticated users to inject
 arbitrary web script or HTML (CVE-2007-2450).
 
 Tomcat treated single quotes as delimiters in cookies, which could
 cause sensitive information such as session IDs to be leaked and allow
 remote attackers to conduct session hijacking attacks (CVE-2007-3382).
 
 Tomcat did not properly handle the " character sequence in a cookie
 value, which could cause sensitive information such as session IDs
 to be leaked and allow remote attackers to conduct session hijacking
 attacks (CVE-2007-3385).
 
 A cross-site scripting vulnerability in the Host Manager servlet
 allowed remote attackers to inject arbitrary HTML and web script via
 crafted attacks (CVE-2007-3386).
 
 Finally, an absolute path traversal vulnerability, under certain
 configurations, allows remote authenticated users to read arbitrary
 files via a WebDAV write request that specifies an entity with a
 SYSTEM tag (CVE-2007-5461).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 2eaba952d2699868ef76ca11dc7743e2  
2007.1/i586/tomcat5-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 037b18dda99d06be0b77f35964257902  
2007.1/i586/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 d9e6c355370c0e3f9aebc7ba0edd99d5  
2007.1/i586/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 fcb4fa36ea0926a0fbd92d1f9c9d9671  
2007.1/i586/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 fedd1a27a4f46d0d793c3ceb21a57246  
2007.1/i586/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 ab5985c840c14c812b3e72dae54407f0  
2007.1/i586/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 6266395d78af5f64ce7a150b9175fab7  
2007.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 08335caaa65e97003aa67d465ce60ae1  
2007.1/i586/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 3a4f5995900419c7354804ae0dc548b6  
2007.1/i586/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 0c27ba521cee0d06627f121df3a138c9  
2007.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm
 07537a59d8549f412dc4c9a783f41177  
2007.1/i586/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm 
 b55342a597ab506be934b6a73ed24005  
2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 aea539336fa58a995ae1411fe61934c2  
2007.1/x86_64/tomcat5-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 0225750a0d4ef032915783d0b29c1504  
2007.1/x86_64/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 8223d038509a71f537f537909e9ef863  
2007.1/x86_64/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 dedd59d873c5bb4e608b1328595f2d98  
2007.1/x86_64/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 c0ef0eda05488b8b571e6700a9365ea3  
2007.1/x86_64/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 95dae961b82630d633fc3419383dbe4b  
2007.1/x86_64/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 41378a0106da001d545681c185b2f5c3  
2007.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 5448b57b7667414c12aabb1da5e528fa  
2007.1/x86_64/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 9a277ae64587b81f61e8c118ba4d4571  
2007.1/x86_64/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 1be4b0eea59741ef7efb0f51f97e19c7  
2007.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm
 d3965a643dbdc8e685ff4b5861877254  
2007.1/x86_64/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 
 b55342a597ab506be934b6a73ed24005  
2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 828e35db12f9dab3a5e63c475c289f88  
2008.0/i586/tomcat5-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 5e98b01f16f8213db5e842dcb47e4e8b  
2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 fd483503d3f313775be4c098858a4e0d  
2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 23dffdf05e1c50d5cfea045552c8f3bb  
2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 3da9fcc0e4c0c8366b676e0770b8fe7c  
2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 03222fbcf7fad63aa6920d5d4ee55ee2  
2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 566362e78e6dd5f853b616204453aa0d  
2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 fd00fd2a4faa567523ba9ce959ad1efa  
2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 8a8c1b69636876ac31b0968edce82d3f  
2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 85d0641840725e728f18cc86925d1923  
2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm
 3e62b31a3fce47b8d7e2de2ecc7eb29d  
2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm 
 9522ebba28176adf03d9a7b33fb526f8  
2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a44ed55a6a2943e5ba39ea6473a2af27  
2008.0/x86_64/tomcat5-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 292e2c0a822a736fe85c498c17bb09c6  
2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 c8ee3862233f323278d0b97a3f07a74d  
2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 0c944fe5d8725da8fd4e57e89539fa21  
2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 bcbb50b5978295bd40ec24212ca77a8a  
2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 472c0a30c7ad74c0cb63da51142de438  
2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 10c6da9615553dc07e2f59d226f30a1d  
2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 53eba8a64c428e6e2a14e59095f958b4  
2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 8c6849bcca11457dffd03aa9c9e9a35f  
2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 b5b42989963c31f79a997c9c18ed4cb4  
2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm
 667a7b6fe2d3bc22ef64d87c2a6b9fe7  
2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 
 9522ebba28176adf03d9a7b33fb526f8  
2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHXZ68mqjQ0CJFipgRAhO2AKC+AwaCU8LmMtlbmj5Q9HgrOr3PTwCeMZo1
QKCxPSeNSXZPdPEE6c2TDyk=
=z6UT
-----END PGP SIGNATURE-----