Otkriveno je više sigurnosnih propusta u radu programskog paketa Tomcat5. Uspješna zlouporaba spomenutih propusta napadaču omogućuje zaobilaženje pojedinih ograničenja i otkrivanje osjetljivih informacija.
Paket:
Apache Tomcat 5.x
Operacijski sustavi:
Mandriva Linux 2010.1, Mandriva Linux Enterprise Server 5.0
Propusti su posljedica pogreške u implementaciji HTTP DIGEST autentikacije, neodgovarajuće provjere određenih svojstava zahtjeva, itd. Za detalje o svim propustima preporuča se pregled teksta izvorne preporuke.
Posljedica:
Zlonamjerni korisnik ih može iskoristiti za zaobilaženje postavljenih ograničenja i otkrivanje određenih podataka.
Rješenje:
Korisnicima se savjetuje instalacija ispravljenih inačica.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:156
http://www.mandriva.com/security/
_______________________________________________________________________
Package : tomcat5
Date : October 18, 2011
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in tomcat
5.5.x:
The implementation of HTTP DIGEST authentication in tomcat was
discovered to have several weaknesses (CVE-2011-1184).
Apache Tomcat, when the MemoryUserDatabase is used, creates log entries
containing passwords upon encountering errors in JMX user creation,
which allows local users to obtain sensitive information by reading
a log file (CVE-2011-2204).
Apache Tomcat, when sendfile is enabled for the HTTP APR or HTTP
NIO connector, does not validate certain request attributes, which
allows local users to bypass intended file access restrictions or
cause a denial of service (infinite loop or JVM crash) by leveraging
an untrusted web application (CVE-2011-2526).
Certain AJP protocol connector implementations in Apache Tomcat allow
remote attackers to spoof AJP requests, bypass authentication, and
obtain sensitive information by causing the connector to interpret
a request body as a new request (CVE-2011-3190).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
http://tomcat.apache.org/security-5.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
773a5fc229b75a431546c24f560e8913
2010.1/i586/tomcat5-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
6164f8836446357d0c524706e74cfaac
2010.1/i586/tomcat5-admin-webapps-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
608020232619e313b1e5b78c925e3ec9
2010.1/i586/tomcat5-common-lib-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
a014466c79378815eea53bf71058a811
2010.1/i586/tomcat5-jasper-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
fc23df07e993d5563ba5ea6cc19c7faf
2010.1/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
1e293502cc60a9543a83241165668df1
2010.1/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
8bf104f92c4c365beea776a3e335dd74
2010.1/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
34d375a720129c779a8396df0fea4332
2010.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
f266c74edee028677a2b2ce0d907f194
2010.1/i586/tomcat5-server-lib-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
f290cdda12fe10cbd2131f769ac001c0
2010.1/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
86065d9a174943936047a07e6ee44de8
2010.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
eae685ce8ecee314b6d2221198eacc90
2010.1/i586/tomcat5-webapps-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
c5363a8910ef6f6ba395dc9222f66e42
2010.1/SRPMS/tomcat5-5.5.28-0.5.0.3mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
05f89a0bd05436ab648a2b6e7921cd7c
2010.1/x86_64/tomcat5-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
beb3f7bee12e2c3d27d2da45cd4d5cbf
2010.1/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
94f8860fdcc706d20e32f519a5f44e62
2010.1/x86_64/tomcat5-common-lib-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
1ae847ee8fccc93b0fbcd3caa20e3f4c
2010.1/x86_64/tomcat5-jasper-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
593df02d912d630bb580156d1352cee4
2010.1/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
00933232ea5411c8194b94caa2576365
2010.1/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
2bad11a52672af123cb464fbd5195650
2010.1/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
3b31cfb99a68d45022fe09a34623b78d
2010.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
8bfdc07d6a914edf7dac32e0641cbc0c
2010.1/x86_64/tomcat5-server-lib-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
c7667a661a3654750fc0069a1fa10289
2010.1/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
51fb24de9c2cbbbbc10bad1a29d85709
2010.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
011186ea5ab76f3b4eac56e0ada5e080
2010.1/x86_64/tomcat5-webapps-5.5.28-0.5.0.3mdv2010.2.noarch.rpm
c5363a8910ef6f6ba395dc9222f66e42
2010.1/SRPMS/tomcat5-5.5.28-0.5.0.3mdv2010.2.src.rpm
Mandriva Enterprise Server 5:
125a7eb9dcc1683f8ac07af85ca76ec0
mes5/i586/tomcat5-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
24c7aa0d7ea2ca4d9e4e1d9544ea16f8
mes5/i586/tomcat5-admin-webapps-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
568879dcf8335d6bf98076170f052072
mes5/i586/tomcat5-common-lib-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
84e69e48ecd35f246d4fa6ed926efad9
mes5/i586/tomcat5-jasper-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
540440225e1f3ce5de895c8ed46f2443
mes5/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
a9ff3a61cd9708fb2ad6ba6fd9112aff
mes5/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
1939ea1c2e62dc94a7835a6ac6dbf6e3
mes5/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
d17ced8fe80f33f3007bc9dd8f7c446e
mes5/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
21ffcde63e835e3532d3383f9607c8b7
mes5/i586/tomcat5-server-lib-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
38f82d3d0cb274d8e3a8781f4087eff4
mes5/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
f6d5fc18de6eb4eb64a4410514df3544
mes5/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
57026e2da95e91b2a4140caa443afd1e
mes5/i586/tomcat5-webapps-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
dc2118f7227a36e842cefaf417338a36
mes5/SRPMS/tomcat5-5.5.28-0.5.0.3mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
74e8a69d9970bd3fe07aa5014deed2d4
mes5/x86_64/tomcat5-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
febe57b644b0341a2abe88bc412d83d8
mes5/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
3045ba1b90c28c481b562946651dc0d2
mes5/x86_64/tomcat5-common-lib-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
3329413dde2923f317feacaac38ce303
mes5/x86_64/tomcat5-jasper-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
c689ea5d6a2305e98f17d2e62af54a65
mes5/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
4f9f1bdcdc48b702fcfbb72f5a0b0654
mes5/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
b054e07dda62cd976d426a787cc2cf8e
mes5/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
9c7a9d767e8f843413b749194f5edd33
mes5/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
1acee64bbbc9e257badcbf4a3dbbd8e5
mes5/x86_64/tomcat5-server-lib-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
a39d5bef79a400f012e41ffe7d1b17c8
mes5/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
6464fd323297c3d6619131c7b432c580
mes5/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
fffd75e85b90aba4b6a3a5c73cabb944
mes5/x86_64/tomcat5-webapps-5.5.28-0.5.0.3mdvmes5.2.noarch.rpm
dc2118f7227a36e842cefaf417338a36
mes5/SRPMS/tomcat5-5.5.28-0.5.0.3mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOnXa8mqjQ0CJFipgRAjmhAKDAS/US19egFVhiWmlS0O4FvKdFYACgiZbR
bUKgLw+nMniLQoAxCSXVRac=
=dh2c
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke