Apache Tomcat 9.0.0.M11 < 9.0.0.M17 nextRequest Information Disclosure

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Apache Tomcat server is affected by an information
disclosure vulnerability.

Description :

The version of Apache Tomcat installed on the remote host is 9.0.0.M11
or later but prior to 9.0.0.M17. It is, therefore, affected by an
information disclosure vulnerability in the nextRequest() function in
Http11InputBuffer.java due to improper limits of a ByteBuffer being
set. An unauthenticated, remote attacker can exploit this to disclose
ByteBuffer data associated with a different request.

Note that Nessus has not attempted to exploit this issue but has
instead relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?3d171616

Solution :

Upgrade to Apache Tomcat version 9.0.0.M17 or later.

Note that the vulnerability was also fixed in version 9.0.0.M16;
however, this version was never publicly released.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 99362 ()

Bugtraq ID: 96895

CVE ID: CVE-2016-8747

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now