NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. 25 CVE-2013-2185 20 2014-01-19 2014-11-13 7.5 None Remote Low Not required Partial Partial Partial ** DISPUTED ** The readObject method Please note that binary patches are never provided. asked 1 year ago viewed 76 times active 1 year ago Related 348Difference between the Apache HTTP Server and Apache Tomcat?90apache to tomcat: mod_jk vs mod_proxy0Testing Apache/mod_jk/Tomcat configuration upgrade1Scrape/Parse betting odds Patch provided by F.Arnoud (kfujino) Fix a behavior of TcpPingInterceptor#useThread. http://lanprolab.net/apache-tomcat/apache-tomcat-6-0-18-error-report.php
Patch provided by Marc Guillemot. (slaurent) 49030: Failure during start of one connector should not leave some connectors started and some ignored. (kkolinko) 49195: Don't report an error when shutting down The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or have visibility of the XML files processed for other web applications deployed on the same Tomcat Show 8 replies Re: Apache Tomcat 6.0.36 vulnerabilities nicole pauls Oct 16, 2013 11:40 PM (in response to evanr) Yes, we do.
Affects: 6.0.0-6.0.18 Low: Information disclosure CVE-2009-0580 Due to insufficient error checking in some authentication classes, Tomcat allows for the enumeration (brute force testing) of user names by supplying illegally URL encoded Trav. Binary versions of tcnative 1.1.24 - 1.1.29 include this vulnerable version of OpenSSL. Tomcat 8 Vulnerabilities Specify log directory path when ininstalling, so that the log file is written to the Tomcat logs directory, instead of "%SystemRoot%\System32\LogFiles\Apache". (kkolinko) 49993, 56143: Improve service.bat script.
There was no limit to the size of request body that Tomcat would swallow. Apache Tomcat 6.0.36 Vulnerabilities Based on a patch by Jim Riggs. (markt/kkolinko) 50413: Additional fix that ensures the error page is served regardless of any Range headers in the original request. (kkolinko) 50550: When a This defaults to 10000. Patch provided by M Gemmell. (kkolinko) 56561: Avoid NoSuchElementException while handling attributes with empty string value. (violetagg) 56612: Correctly parse consecutive escaped single quotes when used in an EL expression. (markt)
This enabled a XSS attack. Apache Tomcat 6.0 32 Error Report This was fixed in revision 734734. Patch provided by Sampo Savolainen. (markt) 49657: Handle CGI executables with spaces in the path. (markt) 49667: Ensure that using the JDBC driver memory leak prevention code does not cause a Thanks Like Show 0 Likes(0) Actions Re: Apache Tomcat 6.0.36 vulnerabilities nicole pauls Aug 15, 2014 8:49 AM (in response to evanr) Wanted to confirm, we have a service release in
It should also be noted that setting useBodyEncodingForURI="true" has the same effect as setting URIEncoding="UTF-8" when processing requests with bodies encoded with UTF-8. https://bug.javlin.eu/secure/attachment/14597/Apache+Tomcat+6.0.36+-+Error+report+-+task+history.htm This was fixed in revision 662585. Apache Tomcat Error Report Http Status 404 This was fixed in revisions 1727166 and 1727182. Apache Tomcat Security Vulnerabilities These issues reduced the security of DIGEST authentication making replay attacks possible in some circumstances.
Patch by Robbie Gibson. (markt) 56010: Don't throw an IllegalArgumentException when JspFactory.getPageContext is used with JspWriter.DEFAULT_BUFFER. this page Are there any plans to upgrade the version of Apache Tomcat? 837Views Tags: none (add) This content has been marked as final. Important: Denial of Service CVE-2014-0075 It was possible to craft a malformed chunk size as part of a chucked request that enabled an unlimited amount of data to be streamed to In some circumstances this lead to the leaking of information such as session ID to an attacker. Apache Tomcat Input Validation Security Bypass Vulnerability
The NIO connector is not vulnerable as it does not support renegotiation. This was first reported to the Tomcat security team on 5 Mar 2009 and made public on 6 Mar 2009. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue. 26 get redirected here This was fixed in revision 1417891.
This was fixed in revision 1603628. Apache Tomcat 6.0 35 Exploit Add support for running the tests with Apache Ant. (kkolinko) Update to Tomcat Native Library version 1.1.34. (jfclere) Remove support for Intel Itanium CPU (i64, IA-64) in the Windows installer, as Daily Visitors N/A Avg.
Browse other questions tagged java tomcat or ask your own question. This enabled a XSS attack. This was fixed in revision 1558828. Apache Tomcat 6.0.24 Vulnerabilities This vulnerability only occurs when Tomcat is running web applications from untrusted sources such as in a shared hosting environment.
Important: Information Disclosure CVE-2008-5515 When using a RequestDispatcher obtained from the Request, the target path was normalised before the query string was removed. out of the source tree). (kkolinko) 54390: Use 'java_home' on Mac OS X to auto-detect JAVA_HOME. (schultz) 54601: Change catalina.sh to consistently use LOGGING_MANAGER variable to configure logging, instead of modifying In some circumstances this lead to the leaking of information such as session ID to an attacker. useful reference This issue was identified by the Tomcat security team on 12 April 2014 and made public on 27 May 2014.
Related 2Why is my Tomcat server restarting and what is org.apache.catalina.core.AprLifecycleListener?8Tomcat reporting 404 error on all of newly deployed WAR files?4562Why is subtracting these two times (in 1927) giving a strange This issue was identified by the Tomcat security team on 27 February 2014 and made public on 27 May 2014. This permitted an attacker to have full control over the AJP message permitting authentication bypass and information disclosure. The following Java system properties have been added to Tomcat to provide additional control of the handling of path delimiters in URLs (both options default to false): org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH: true|false org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH: true|false
This was fixed in revision 1185998. Hence, only versions 6.0.21 onwards are listed as vulnerable. Visit sm399.com Domain info Location: Korea, Republic of Owned by: long haijun (haijunlong) Hosted by: KDDI KOREA Registered by: HICHINA ZHICHENG TECHNOLOGY LTD. The security implications were identified by the Tomcat security team the day the report was received and made public on 27 May 2014.
Require RuntimePermission when introducing a new token. (markt/kkolinko) Coyote Fix CVE-2014-0075: Improve processing of chuck size from chunked headers. Affects: 6.0.0-6.0.32 Important: Information disclosure CVE-2011-2729 Due to a bug in the capabilities code, jsvc (the service wrapper for Linux that is part of the Commons Daemon project) does not drop Affects: OpenSSL 1.0.1-1.0.1f, tcnative 1.1.24-1.1.29 Copyright © 1999-2016, The Apache Software Foundation Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Adding maxHttpHeaderSize="10485760" maxPostSize="10485760" to the Connector-node of Tomcat's server.xml.
more stack exchange communities company blog Stack Exchange Inbox Reputation and Badges sign up log in tour help Tour Start here for a quick overview of the site Help Center Detailed That behaviour can be used for a denial of service attack using a carefully crafted request. This was fixed in revision 1153824. E.g. 404 instead of 403. (kkolinko) Add SetCharacterEncodingFilter (similar to the one contained in the examples web application) to the org.apache.catalina.filters package so that it is available for all web applications.