Apache Tomcat security restrictions bypass Vulnerability(CVE-2 0 1 6-6 7 9 7)-vulnerability warning-the black bar safety net

2016-10-29T00:00:00
ID MYHACK58:62201680650
Type myhack58
Reporter 佚名
Modified 2016-10-29T00:00:00

Description

Apache Tomcat security restrictions bypass Vulnerability(CVE-2 0 1 6-6 7 9 7)

Release date: 2016-10-27

Update date: 2016-10-28

Affected system:

Apache Group Tomcat 7.0.0-7.0.70

Description:

BUGTRAQ ID: 9 3 9 4 0

CVE(CAN) ID: CVE-2 0 1 6-6 7 9 7

Apache Tomcat is a popular open source JSP application server program.

Apache Tomcat 7.0.0-7.0.70 in the realization of the presence of security restriction bypass vulnerability. An attacker could exploit this vulnerability to bypass certain security restrictions, perform unauthorized actions.

<*source: the Apache Tomcat security team

*>

Recommendations:

Manufacturers patch:

The Apache Group

------------

The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:

<https://tomcat.apache.org/security-7.html>

http://svn.apache.org/viewvc?view=revision&revision=1 7 5 7 2 7 5