http://docs.info.apple.com/article.html?artnum=306172

SSRT071447

APPLE-SA-2007-07-31

SUSE-SR:2008:005

25383

25701

26235

26512

27037

29242

GLSA-200708-15

http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1

http://tomcat.apache.org/security-jk.html

DSA-1312

34877

RHSA-2007:0379

RHSA-2008:0261

24147

25159

1018138

ADV-2007-1941

ADV-2007-2732

ADV-2007-3386

tomcat-jkconnector-security-bypass(34496)

[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

oval:org.mitre.oval:def:6002

Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components.

This update has been rated as having low security impact by the Red Hat Security Response Team.

This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server 4.2. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments.

Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388)

A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)

A denial-of-service flaw was fixed in the jabberd server.
(CVE-2006-1329)

Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306)

Multiple flaws were fixed in the IBM Java 1.4.2 Runtime.
(CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789)

Multiple flaws were fixed in the OpenMotif package. (CVE-2004-0687, CVE-2004-0688, CVE-2004-0914, CVE-2005-3964, CVE-2005-0605)

A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898)

Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510)

Users of Red Hat Network Satellite Server 4.2 are advised to upgrade to 4.2.3, which resolves these issues.

Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

During an internal security review, a cross-site scripting flaw was found that affected the Red Hat Network channel search feature.
(CVE-2007-5961)

This release also corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments.

Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388)

A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)

A denial-of-service flaw was fixed in the jabberd server.
(CVE-2006-1329)

Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306)

Multiple flaws were fixed in the IBM Java 1.4.2 Runtime.
(CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789)

Two arbitrary code execution flaws were fixed in the OpenMotif package. (CVE-2005-3964, CVE-2005-0605)

A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898)

Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510)

Users of Red Hat Network Satellite Server 5.0 are advised to upgrade to 5.0.2, which resolves these issues.

Fixed various issues in tomcat :

  - mod_jk directory traversal. (CVE-2007-1860)

  - Handling of cookies containing a ' character.
    (CVE-2007-3382)

  - Handling of a double-quote character in cookies.
    (CVE-2007-3385)

  - tomcat path traversal / information leak.
    (CVE-2007-5641)

  - tomcat HTTP Request Smuggling. (CVE-2005-2090)

  - tomcat https information disclosure. (CVE-2008-0128)

Fixed various issues in tomcat :

  - CVE-2007-3382: Handling of cookies containing a '     character

  - CVE-2007-3385: Handling of \' in cookies

  - CVE-2007-5641: tomcat path traversal / information leak

  - CVE-2007-1860: directory traversal

  - CVE-2007-3386: tomcat XSS 

  - CVE-2007-5342: insufficient access restrictions

Additionally the dbcp namespace in commons-dbcp.jar was fixed.

Fixed various issues in tomcat :

  - CVE-2006-7196: Cross-site scripting (XSS) vulnerability     in example JSP applications

  - CVE-2007-3382: Handling of cookies containing a '     character

  - CVE-2007-3385: Handling of \' in cookies

  - CVE-2007-5641: tomcat path traversal / information leak

  - CVE-2007-1860: directory traversal

  - CVE-2008-0128: tomcat https information disclosure

  - CVE-2005-2090: tomcat HTTP Request Smuggling

- Cross-site scripting (XSS) vulnerability in example JSP     applications. (CVE-2006-7196)

  - Handling of cookies containing a ' character.
    (CVE-2007-3382)

  - Handling of \' in cookies. (CVE-2007-3385)

  - tomcat path traversal / information leak.
    (CVE-2007-5641)

  - directory traversal. (CVE-2007-1860)

  - tomcat https information disclosure. (CVE-2008-0128)

  - tomcat HTTP Request Smuggling. (CVE-2005-2090)

The remote host is affected by the vulnerability described in GLSA-200708-15 (Apache mod_jk: Directory traversal)

    Apache mod_jk decodes the URL within Apache before passing them to     Tomcat, which decodes them a second time.
  Impact :

    A remote attacker could browse a specially crafted URL on an Apache     server running mod_jk, possibly gaining access to restricted resources.
  Workaround :

    There is no known workaround at this time.

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. 

This update contains several security fixes for the following programs :

 - bzip2
 - CFNetwork
 - CoreAudio
 - cscope
 - gnuzip
 - iChat
 - Kerberos
 - mDNSResponder
 - PDFKit
 - PHP
 - Quartz Composer
 - Samba
 - SquirrelMail
 - Tomcat
 - WebCore
 - WebKit

It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure.

Kazu Nambo reports :

URL decoding the the Apache webserver prior to decoding in the Tomcat server could pypass access control rules and give access to pages on a different AJP by sending a crafted URL.

ID	Name	Product	Family	Severity
43837	RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)	Nessus	Red Hat Local Security Checks	critical
43835	RHEL 4 : Satellite Server (RHSA-2008:0261)	Nessus	Red Hat Local Security Checks	critical
41198	SuSE9 Security Update : Tomcat (YOU Patch Number 12078)	Nessus	SuSE Local Security Checks	medium
31338	openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4997)	Nessus	SuSE Local Security Checks	medium
31319	openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)	Nessus	SuSE Local Security Checks	medium
31298	SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 4990)	Nessus	SuSE Local Security Checks	medium
25921	GLSA-200708-15 : Apache mod_jk: Directory traversal	Nessus	Gentoo Local Security Checks	medium
25830	Mac OS X Multiple Vulnerabilities (Security Update 2007-007)	Nessus	MacOS X Local Security Checks	critical
25556	Debian DSA-1312-1 : libapache-mod-jk - programming error	Nessus	Debian Local Security Checks	medium
25427	FreeBSD : mod_jk -- information disclosure (d9405748-1342-11dc-a35c-001485ab073e)	Nessus	FreeBSD Local Security Checks	medium

CVE-2007-1860

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

medium

medium

medium

medium

medium

critical

medium

medium