(RHSA-2013:0640) Important: tomcat5 security update

2013-03-1200:00:00

access.redhat.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.1%

JSON

Apache Tomcat is a servlet container.

It was found that when an application used FORM authentication, along with
another component that calls request.setUserPrincipal() before the call to
FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was
possible to bypass the security constraint checks in the FORM authenticator
by appending “/j_security_check” to the end of a URL. A remote attacker
with an authenticated session on an affected application could use this
flaw to circumvent authorization controls, and thereby access resources not
permitted by the roles associated with their authenticated session.
(CVE-2012-3546)

Multiple weaknesses were found in the Tomcat DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)

Users of Tomcat should upgrade to these updated packages, which correct
these issues. Tomcat must be restarted for this update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5ppctomcat5< 5.5.23-0jpp.38.el5_9tomcat5-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat5i386tomcat5-debuginfo< 5.5.23-0jpp.38.el5_9tomcat5-debuginfo-5.5.23-0jpp.38.el5_9.i386.rpm
RedHat5ppctomcat5-server-lib< 5.5.23-0jpp.38.el5_9tomcat5-server-lib-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat5s390xtomcat5-webapps< 5.5.23-0jpp.38.el5_9tomcat5-webapps-5.5.23-0jpp.38.el5_9.s390x.rpm
RedHat5s390xtomcat5-servlet-2.4-api< 5.5.23-0jpp.38.el5_9tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.s390x.rpm
RedHat5ppctomcat5-jsp-2.0-api-javadoc< 5.5.23-0jpp.38.el5_9tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat5i386tomcat5-admin-webapps< 5.5.23-0jpp.38.el5_9tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.i386.rpm
RedHat5x86_64tomcat5-jsp-2.0-api< 5.5.23-0jpp.38.el5_9tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.x86_64.rpm
RedHat5x86_64tomcat5-jasper-javadoc< 5.5.23-0jpp.38.el5_9tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm
RedHat5srctomcat5< 5.5.23-0jpp.38.el5_9tomcat5-5.5.23-0jpp.38.el5_9.src.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	ppc	tomcat5	< 5.5.23-0jpp.38.el5_9	tomcat5-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat	5	i386	tomcat5-debuginfo	< 5.5.23-0jpp.38.el5_9	tomcat5-debuginfo-5.5.23-0jpp.38.el5_9.i386.rpm
RedHat	5	ppc	tomcat5-server-lib	< 5.5.23-0jpp.38.el5_9	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat	5	s390x	tomcat5-webapps	< 5.5.23-0jpp.38.el5_9	tomcat5-webapps-5.5.23-0jpp.38.el5_9.s390x.rpm
RedHat	5	s390x	tomcat5-servlet-2.4-api	< 5.5.23-0jpp.38.el5_9	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.s390x.rpm
RedHat	5	ppc	tomcat5-jsp-2.0-api-javadoc	< 5.5.23-0jpp.38.el5_9	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.ppc.rpm
RedHat	5	i386	tomcat5-admin-webapps	< 5.5.23-0jpp.38.el5_9	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.i386.rpm
RedHat	5	x86_64	tomcat5-jsp-2.0-api	< 5.5.23-0jpp.38.el5_9	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.x86_64.rpm
RedHat	5	x86_64	tomcat5-jasper-javadoc	< 5.5.23-0jpp.38.el5_9	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm
RedHat	5	src	tomcat5	< 5.5.23-0jpp.38.el5_9	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm