Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apache Tomcat
Опубликовано:26 ноября 2012 г.
Источник:
SecurityVulns ID:12725
Тип:удаленная
Уровень опасности:
6/10
Описание:Обход авторизации и replay-атаки при использовании авторизации Digest, DoS.
Затронутые продукты:APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
CVE:CVE-2012-5887 (The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.)
 CVE-2012-5886 (The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.)
 CVE-2012-5885 (The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.)
 CVE-2012-2733 (java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.)
Оригинальный текстdocumentUBUNTU, [USN-1637-1] Tomcat vulnerabilities (26.11.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород