SCIENTIFIC-LINUX-ERRATA Archives

September 2007

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Troy Dawson <[log in to unmask]>
Reply-To: Troy Dawson <[log in to unmask]>
Date: Tue, 18 Sep 2007 15:47:14 -0500
Content-Type: text/plain
Synopsis: Moderate: tomcat security update
Issue date: 2007-07-17
CVE Names: CVE-2007-2449 CVE-2007-2450 CVE-2005-2090 CVE-2006-7195 CVE-2007-0450

Some JSPs within the 'examples' web application did not escape user
provided data. If the JSP examples were accessible, this flaw could allow a
remote attacker to perform cross-site scripting attacks (CVE-2007-2449).

Note: it is recommended that the 'examples' web application not be installed
on a production system.

The Manager and Host Manager web applications did not escape user provided
data. If a user is logged in to the Manager or Host Manager web
application, an attacker could perform a cross-site scripting attack
(CVE-2007-2450).

Tomcat was found to accept multiple content-length headers in a
request. This could allow attackers to poison a web-cache, bypass web
application firewall protection, or conduct cross-site scripting attacks.
(CVE-2005-2090)

Tomcat permitted various characters as path delimiters. If Tomcat was used
behind certain proxies and configured to only proxy some contexts, an
attacker could construct an HTTP request to work around the context
restriction and potentially access non-proxied content. (CVE-2007-0450)
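
The two request-handling issues above (multiple Content-Length headers, and
characters other than '/' being honoured as path delimiters) are both things a
front-end proxy, WAF rule, or access-log audit can flag before a request reaches
an unpatched Tomcat. The following is an added example written for this
archive page, not code from the advisory or from the Tomcat project; it parses
a raw HTTP/1.1 request head and reports ambiguous framing and non-canonical
path delimiters. The function names and the sample requests are constructed
for illustration.

```python
"""Defender-side checks for ambiguous request framing and path delimiters.

Added example (not from the advisory or Tomcat). Operates on a raw HTTP/1.1
request head (bytes up to the blank line); sample inputs below are constructed.
"""
from __future__ import annotations

# Constructed sample request heads, not captured traffic.
SAMPLE_REQUESTS = {
    "clean": (b"GET /app/index.jsp HTTP/1.1\r\n"
              b"Host: example.test\r\nContent-Length: 0\r\n\r\n"),
    "double_cl": (b"POST /app/submit HTTP/1.1\r\nHost: example.test\r\n"
                  b"Content-Length: 4\r\nContent-Length: 40\r\n\r\n"),
    "backslash": (b"GET /public\\index.jsp HTTP/1.1\r\n"
                  b"Host: example.test\r\n\r\n"),
    "encoded": (b"GET /public%2findex.jsp HTTP/1.1\r\n"
                b"Host: example.test\r\n\r\n"),
}


def parse_head(raw: bytes) -> tuple[str, str, list[tuple[str, str]]]:
    """Split a request head into (method, target, [(name, value), ...]).

    Header names are lower-cased so that case variants of Content-Length
    are counted together; values are kept verbatim apart from whitespace.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ")
    headers: list[tuple[str, str]] = []
    for line in lines[1:]:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return method, target, headers


def check_content_length(headers: list[tuple[str, str]]) -> list[str]:
    """Flag requests whose body length is ambiguous (CVE-2005-2090 class).

    More than one Content-Length header, or a non-numeric value, means two
    hops in the chain may disagree on where the body ends.
    """
    values = [v for name, v in headers if name == "content-length"]
    findings = []
    if len(values) > 1:
        findings.append(f"multiple Content-Length headers: {values}")
    for v in values:
        if not v.isdigit():
            findings.append(f"non-numeric Content-Length: {v!r}")
    return findings


def check_path_delimiters(target: str) -> list[str]:
    """Flag path delimiters a front-end proxy may not treat as separators.

    A backslash or a percent-encoded slash/backslash in the path can make the
    proxy and the servlet container split the path into different contexts
    (CVE-2007-0450 class).
    """
    path = target.split("?", 1)[0]
    lowered = path.lower()
    findings = []
    if "\\" in path:
        findings.append("backslash used as path delimiter")
    for enc, label in (("%2f", "encoded slash"), ("%5c", "encoded backslash")):
        if enc in lowered:
            findings.append(f"{label} ({enc}) in path")
    return findings


def audit_request(raw: bytes) -> list[str]:
    """Run both checks; an empty list means the request framing is unambiguous."""
    _method, target, headers = parse_head(raw)
    return check_content_length(headers) + check_path_delimiters(target)


if __name__ == "__main__":
    for name, raw in SAMPLE_REQUESTS.items():
        print(f"{name}: {audit_request(raw) or 'ok'}")
```

In practice a proxy would reject a request with any finding rather than log
it; the point of keeping the checks separate is that the Content-Length rule
belongs at every hop that parses bodies, while the delimiter rule only matters
where a front-end proxy and Tomcat disagree on path syntax.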

The implicit-objects.jsp file distributed in the examples webapp displayed a
number of unfiltered header values. If the JSP examples were accessible,
this flaw could allow a remote attacker to perform cross-site scripting
attacks. (CVE-2006-7195)

SL 5.x

   SRPMS:
tomcat5-5.5.23-0jpp.1.0.4.el5.src.rpm
jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm
   i386:
jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.i386.rpm
jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.i386.rpm
tomcat5-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-admin-webapps-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-common-lib-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-jasper-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-server-lib-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.4.el5.i386.rpm
tomcat5-webapps-5.5.23-0jpp.1.0.4.el5.i386.rpm
   x86_64:
jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.x86_64.rpm
jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.x86_64.rpm
tomcat5-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-common-lib-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-jasper-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-server-lib-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.4.x86_64.rpm
tomcat5-webapps-5.5.23-0jpp.1.0.4.x86_64.rpm

-Connie Sieh
-Troy Dawson
