tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

SuSE 10 Security Update : tomcat5 (ZYPP Patch Number 8397)

This update of tomcat5 fixed the following security issues : - tomcat: cnonce tracking weakness. CVE-2012-5885 - tomcat: stale nonce weakness. CVE-2012-5887 - tomcat: authentication caching weakness. CVE-2012-5886 - tomcat: affected by slowloris DoS. CVE-2012-5568 - tomcat: Bypass of security...

SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)

This update of tomcat6 fixes the following security issues : - denial of service. CVE-2012-4534 - tomcat: HTTP NIO connector OOM DoS via a request with large headers. CVE-2012-2733 - tomcat: cnonce tracking weakness. CVE-2012-5885 - tomcat: authentication caching weakness. CVE-2012-5886 - tomcat:...

CVE-2012-4543

Multiple cross-site scripting XSS vulnerabilities in Red Hat Certificate System RHCS before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 pageStart or 2 pageSize to the displayCRL script, or 3 nonce variable to the profileProcess script...

Apache Tomcat 7.0.x < 7.0.30 DIGEST Authentication Multiple Security Weaknesses

Binary data 800606.prm...

Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities

Binary data 6657.pasl...

Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses

According to its self-reported version number, the instance of Apache Tomcat 5.5.x listening on the remote host is prior to 5.5.36. It is, therefore, affected by the following vulnerabilities : - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead...

CVE-2012-5885

Removed by vendor...

tomcat -- authentication weaknesses

The Apache Software Foundation reports: Three weaknesses in Tomcat's implementation of DIGEST authentication were identified and resolved: Tomcat tracked client rather than server nonces and nonce count. When a session ID was present, authentication was bypassed. The user name and password were n...

PT-2012-4712 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Description: The issue concerns weaknesses in Tomcat's implementation of DIGEST authentication. Specifically, Tomcat tracked client rather than server nonces and nonce count, which reduced the...

Fixed in Apache Tomcat 5.5.36

Moderate: DIGEST authentication weakness CVE-2012-3439 Three weaknesses in Tomcat's implementation of DIGEST authentication were identified and resolved: 1. Tomcat tracked client rather than server nonces and nonce count. 2. When a session ID was present, authentication was bypassed. 3. The user...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

WordPress Subscribe2 8.0 Cross Site Scripting

Hi We have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...

PT-2012-3667 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.3.1 and earlier Description: The issue is related to the wp create nonce function, which associates a nonce with a user account instead of a user session. This might make it easier for remote attackers to conduct cross-si...

MongoDB Login Utility

This module attempts to brute force authentication credentials for MongoDB. Note that, by default, MongoDB does not require authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mongo...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...