7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.012 Low
EPSS
Percentile
85.2%
Issue Overview:
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
Affected Packages:
tomcat6
Issue Correction:
Run yum update tomcat6 to update your system.
New Packages:
noarch:
tomcat6-el-2.1-api-6.0.33-1.26.amzn1.noarch
tomcat6-javadoc-6.0.33-1.26.amzn1.noarch
tomcat6-lib-6.0.33-1.26.amzn1.noarch
tomcat6-admin-webapps-6.0.33-1.26.amzn1.noarch
tomcat6-servlet-2.5-api-6.0.33-1.26.amzn1.noarch
tomcat6-6.0.33-1.26.amzn1.noarch
tomcat6-jsp-2.1-api-6.0.33-1.26.amzn1.noarch
tomcat6-webapps-6.0.33-1.26.amzn1.noarch
tomcat6-docs-webapp-6.0.33-1.26.amzn1.noarch
src:
tomcat6-6.0.33-1.26.amzn1.src
Red Hat: CVE-2011-1184, CVE-2011-2204, CVE-2011-3190
Mitre: CVE-2011-1184, CVE-2011-2204, CVE-2011-3190
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | noarch | tomcat6-el-2.1-api | < 6.0.33-1.26.amzn1 | tomcat6-el-2.1-api-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-javadoc | < 6.0.33-1.26.amzn1 | tomcat6-javadoc-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-lib | < 6.0.33-1.26.amzn1 | tomcat6-lib-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-admin-webapps | < 6.0.33-1.26.amzn1 | tomcat6-admin-webapps-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-servlet-2.5-api | < 6.0.33-1.26.amzn1 | tomcat6-servlet-2.5-api-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6 | < 6.0.33-1.26.amzn1 | tomcat6-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-jsp-2.1-api | < 6.0.33-1.26.amzn1 | tomcat6-jsp-2.1-api-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-webapps | < 6.0.33-1.26.amzn1 | tomcat6-webapps-6.0.33-1.26.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | tomcat6-docs-webapp | < 6.0.33-1.26.amzn1 | tomcat6-docs-webapp-6.0.33-1.26.amzn1.noarch.rpm |