CVE-2007-3385

MEDIUM

Description

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.

References

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

http://secunia.com/advisories/26466

http://secunia.com/advisories/26898

http://secunia.com/advisories/27037

http://secunia.com/advisories/27267

http://secunia.com/advisories/27727

http://secunia.com/advisories/28317

http://secunia.com/advisories/28361

http://secunia.com/advisories/29242

http://secunia.com/advisories/30802

http://secunia.com/advisories/33668

http://secunia.com/advisories/36486

http://secunia.com/advisories/44183

http://securityreason.com/securityalert/3011

http://securitytracker.com/id?1018557

http://support.apple.com/kb/HT2163

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

http://tomcat.apache.org/security-6.html

http://www.debian.org/security/2008/dsa-1447

http://www.debian.org/security/2008/dsa-1453

http://www.kb.cert.org/vuls/id/993544

http://www.mandriva.com/security/advisories?name=MDKSA-2007:241

http://www.redhat.com/support/errata/RHSA-2007-0871.html

http://www.redhat.com/support/errata/RHSA-2007-0950.html

http://www.redhat.com/support/errata/RHSA-2008-0195.html

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.securityfocus.com/archive/1/476444/100/0/threaded

http://www.securityfocus.com/archive/1/500396/100/0/threaded

http://www.securityfocus.com/archive/1/500412/100/0/threaded

http://www.securityfocus.com/bid/25316

http://www.vupen.com/english/advisories/2007/2902

http://www.vupen.com/english/advisories/2007/3386

http://www.vupen.com/english/advisories/2007/3527

http://www.vupen.com/english/advisories/2008/1981/references

http://www.vupen.com/english/advisories/2009/0233

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562

https://exchange.xforce.ibmcloud.com/vulnerabilities/35999

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

Details

Source: MITRE

Published: 2007-08-14

Updated: 2019-03-25

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat:3.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:3.3.1a:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.9:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
121113Apache Tomcat < 6.0.14 Multiple VulnerabilitiesNessusWeb Servers
medium
67564Oracle Linux 5 : tomcat (ELSA-2007-0871)NessusOracle Linux Local Security Checks
medium
51059Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.25 Multiple VulnerabilitiesNessusWeb Servers
medium
47030Apache Tomcat 4.x < 4.1.37 Multiple VulnerabilitiesNessusWeb Servers
medium
43837RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)NessusRed Hat Local Security Checks
critical
43835RHEL 4 : Satellite Server (RHSA-2008:0261)NessusRed Hat Local Security Checks
critical
43834RHEL 3 / 4 : tomcat in Satellite Server (RHSA-2007:1069)NessusRed Hat Local Security Checks
medium
43651CentOS 5 : tomcat (CESA-2007:0871)NessusCentOS Local Security Checks
medium
41596SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 5850)NessusSuSE Local Security Checks
high
41198SuSE9 Security Update : Tomcat (YOU Patch Number 12078)NessusSuSE Local Security Checks
medium
38147Mandrake Linux Security Advisory : tomcat5 (MDKSA-2007:241)NessusMandriva Local Security Checks
medium
33282Mac OS X Multiple Vulnerabilities (Security Update 2008-004)NessusMacOS X Local Security Checks
critical
33281Mac OS X 10.5.x < 10.5.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
31338openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4997)NessusSuSE Local Security Checks
medium
31319openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)NessusSuSE Local Security Checks
medium
31298SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 4990)NessusSuSE Local Security Checks
medium
29872Debian DSA-1453-1 : tomcat5 - several vulnerabilitiesNessusDebian Local Security Checks
medium
29856Debian DSA-1447-1 : tomcat5.5 - several vulnerabilitiesNessusDebian Local Security Checks
medium
28258Fedora 8 : tomcat5-5.5.25-1jpp.1.fc8 (2007-3474)NessusFedora Local Security Checks
medium
28257Fedora 7 : tomcat5-5.5.25-1jpp.1.fc7 (2007-3456)NessusFedora Local Security Checks
medium
26190RHEL 5 : tomcat (RHSA-2007:0871)NessusRed Hat Local Security Checks
medium
4167Apache Tomcat < 5.5.25 / 6.0.x < 6.0.14 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
4564Mac OS X < 10.5.4 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical