Vulnerability & Exploit Database

Back to search

RHSA-2013:0623: tomcat6 security update

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:P/A:N) November 17, 2012 March 15, 2013 July 04, 2017

Description

Apache Tomcat is a servlet container.It was found that when an application used FORM authentication, along withanother component that calls request.setUserPrincipal() before the call toFormAuthenticator#authenticate() (such as the Single-Sign-On valve), it waspossible to bypass the security constraint checks in the FORM authenticatorby appending "/j_security_check" to the end of a URL. A remote attackerwith an authenticated session on an affected application could use thisflaw to circumvent authorization controls, and thereby access resources notpermitted by the roles associated with their authenticated session.(CVE-2012-3546)A flaw was found in the way Tomcat handled sendfile operations when usingthe HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attackercould use this flaw to cause a denial of service (infinite loop). The HTTPblocking IO (BIO) connector, which is not vulnerable to this issue, is usedby default in Red Hat Enterprise Linux 6. (CVE-2012-4534)Multiple weaknesses were found in the Tomcat DIGEST authenticationimplementation, effectively reducing the security normally provided byDIGEST authentication. A remote attacker could use these flaws to performreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,CVE-2012-5887)Users of Tomcat should upgrade to these updated packages, which correctthese issues. Tomcat must be restarted for this update to take effect.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

redhat-upgrade-tomcat6

Related Vulnerabilities