Apache Tomcat versions from 7.0.0 up to but not including 7.0.33 are vulnerable to CVE-2013-2067: the form authenticator does not properly handle the relationship between authentication requirements and sessions, which allows a remote attacker to inject a request into a session (a variant of session fixation).
Reporter | Title | Published | Family |
---|---|---|---|
Veracode | Session Fixation During Completion Of The Login Form | 15 Jan 2019 08:55 | veracode |
OpenVAS | RedHat Update for tomcat6 RHSA-2013:0964-01 | 24 Jun 2013 00:00 | openvas |
OpenVAS | CentOS Update for tomcat6 CESA-2013:0964 centos6 | 24 Jun 2013 00:00 | openvas |
OpenVAS | Apache Tomcat Session Fixation Vulnerability (Nov 2012) - Windows | 6 Jun 2013 00:00 | openvas |
OpenVAS | Apache Tomcat Session Fixation Vulnerability (Nov 2012) - Linux | 19 Oct 2021 00:00 | openvas |
OpenVAS | Oracle: Security Advisory (ELSA-2013-0964) | 6 Oct 2015 00:00 | openvas |
OpenVAS | Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities - Linux | 29 Oct 2021 00:00 | openvas |
OpenVAS | Ubuntu: Security Advisory (USN-1841-1) | 31 May 2013 00:00 | openvas |
Source | Link |
---|---|
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
svn | www.svn.apache.org/viewvc |
nessus | www.nessus.org/u |
```nasl
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66427);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/23");

  script_cve_id("CVE-2013-2067");
  script_bugtraq_id(59799);

  script_name(english:"Apache Tomcat 7.0.0 < 7.0.33");

  script_set_attribute(attribute:"synopsis", value:
"The remote Apache Tomcat server is affected by a vulnerability");
  script_set_attribute(attribute:"description", value:
"The version of Tomcat installed on the remote host is prior to 7.0.33. It is, therefore, affected by a vulnerability as
referenced in the fixed_in_apache_tomcat_7.0.33_security-7 advisory.

  - java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache
    Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between
    authentication requirements and sessions, which allows remote attackers to inject a request into a session
    by sending this request during completion of the login form, a variant of a session fixation attack.
    (CVE-2013-2067)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.33
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d248664b");
  script_set_attribute(attribute:"see_also", value:"https://svn.apache.org/viewvc?view=rev&rev=1408044");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Apache Tomcat version 7.0.33 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2067");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/05/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/15");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:tomcat:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tomcat_error_version.nasl", "tomcat_win_installed.nbin", "apache_tomcat_nix_installed.nbin", "os_fingerprint.nasl");
  script_require_keys("installed_sw/Apache Tomcat");

  exit(0);
}

include('vcf_extras.inc');

vcf::tomcat::initialize();
var app_info = vcf::combined_get_app_info(app:'Apache Tomcat');

var constraints = [
  { 'min_version' : '7.0.0', 'max_version' : '7.0.32', 'fixed_version' : '7.0.33' }
];

vcf::check_all_backporting(app_info:app_info);
vcf::check_granularity(app_info:app_info, sig_segments:3);

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING
);
```
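The plugin above makes three decisions before it reports: it refuses to judge a version with fewer than three segments (`check_granularity`, `sig_segments:3`), it treats the constraint range as inclusive on both ends (`7.0.0` through `7.0.32`), and it first asks whether a vendor backported the fix without changing the version string (`check_all_backporting`), which is exactly the situation the RHSA, CESA, ELSA and USN entries in the table above create. The following Python reimplements that logic so it can be read and tested outside Nessus. It is an added illustration, not Tenable's `vcf` library; the constraint values are taken from the plugin, while the `backported` flag, the function names and the returned report shape are assumptions made for this example.

```python
"""Version-range check in the style of the Nessus plugin on this page.

Added illustration, not Tenable's vcf library. It mirrors the plugin's
three decisions: backporting, minimum granularity, inclusive min/max range.
"""
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Constraint:
    min_version: str
    max_version: str
    fixed_version: str


# Constraint copied from the plugin above.
TOMCAT_CVE_2013_2067: List[Constraint] = [Constraint("7.0.0", "7.0.32", "7.0.33")]


def parse_version(version: str) -> Tuple[int, ...]:
    """Split a dotted version into an integer tuple; non-numeric segments are rejected."""
    segments = version.strip().split(".")
    if not all(s.isdigit() for s in segments):
        raise ValueError(f"non-numeric version segment in {version!r}")
    return tuple(int(s) for s in segments)


def has_granularity(version: str, sig_segments: int = 3) -> bool:
    """Mirror of check_granularity: a self-reported '7.0' cannot be placed
    relative to 7.0.33, so the plugin declines to report rather than guess."""
    return len(version.strip().split(".")) >= sig_segments


def compare(a: Tuple[int, ...], b: Tuple[int, ...]) -> int:
    """Return -1, 0 or 1; shorter tuples are zero-padded so 7.0 == 7.0.0."""
    width = max(len(a), len(b))
    a = a + (0,) * (width - len(a))
    b = b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def check_version(version: str,
                  constraints: List[Constraint] = TOMCAT_CVE_2013_2067,
                  sig_segments: int = 3,
                  backported: bool = False) -> dict:
    """Classify a reported version as 'vulnerable', 'not_vulnerable' or
    'insufficient_granularity'. `backported` is a simplification (assumed
    for this example) of check_all_backporting: a distro package such as the
    RHSA/USN builds in the table above may carry the fix under an old
    version string, in which case a version-only check must not report."""
    if backported:
        return {"status": "not_vulnerable", "version": version, "reason": "fix backported"}
    if not has_granularity(version, sig_segments):
        return {"status": "insufficient_granularity", "version": version}
    v = parse_version(version)
    for c in constraints:
        lo = compare(v, parse_version(c.min_version)) >= 0
        hi = compare(v, parse_version(c.max_version)) <= 0
        if lo and hi:
            return {"status": "vulnerable", "version": version,
                    "fixed_version": c.fixed_version}
    return {"status": "not_vulnerable", "version": version}


if __name__ == "__main__":
    # Constructed sample inputs: the reported version strings a scanner might see.
    for sample in ("7.0.32", "7.0.33", "7.0", "6.0.36"):
        print(sample, check_version(sample))
```

The `insufficient_granularity` outcome is the one worth keeping in mind when reading Nessus results: a Tomcat that only exposes `7.0` in its error page will not be flagged by this plugin at all, and the `Note that Nessus has not tested for this issue` text in the description applies even when it is flagged, since the decision rests entirely on the self-reported version.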