tomcat:catalina 4.0.4 vulnerabilities

Known vulnerabilities in the tomcat:catalina package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Cross-site Request Forgery (CSRF) tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). It allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a `/manager/html/undeploy?path=` URI. NOTE: the vendor disputes the significance of this report, stating that the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator. How to fix Cross-site Request Forgery (CSRF)? There is no fixed version for `tomcat:catalina`.	[0,)
H Authentication Bypass tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Authentication Bypass. By default, Tomcat automatically deploys any directories placed in ahost's `appBase`. This behaviour is controlled by the autoDeploy `attributeof`which defaults to true. Depending on circumstances, files normally protected by one or more security constraints may be deployed without those security constraints, making them accessible without authentication. Note: This issue only affects Windows platforms.This was fixed in revision 892815. How to fix Authentication Bypass? There is no fixed version for `tomcat:catalina`.	[0,)
H Access Restriction Bypass tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. How to fix Access Restriction Bypass? Upgrade `tomcat:catalina` to version 5.5.24 or higher.	[4.0.4,5.5.24)
M Timing Attack tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Timing Attack. The `setGlobalContext` method in `ResourceLinkFactory.java` does not consider whether callers to this method are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. How to fix Timing Attack? Upgrade `tomcat:catalina` to version 5.5.24 or higher.	[4,5.5.24)
M Denial of Service (DoS) `tomcat:catalina` Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.	[,5.5.35)
M Access Restriction Bypass `tomcat:catalina` The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.	[,5.5.34)

Vulnerability

Vulnerable Version

Cross-site Request Forgery (CSRF)

tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). It allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI. NOTE: the vendor disputes the significance of this report, stating that the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator.

How to fix Cross-site Request Forgery (CSRF)?

There is no fixed version for tomcat:catalina.

[0,)

Authentication Bypass

tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Authentication Bypass. By default, Tomcat automatically deploys any directories placed in ahost's appBase. This behaviour is controlled by the autoDeploy attributeofwhich defaults to true. Depending on circumstances, files normally protected by one or more security constraints may be deployed without those security constraints, making them accessible without authentication.

Note: This issue only affects Windows platforms.This was fixed in revision 892815.

How to fix Authentication Bypass?

There is no fixed version for tomcat:catalina.

[0,)

Access Restriction Bypass

tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.

How to fix Access Restriction Bypass?

Upgrade tomcat:catalina to version 5.5.24 or higher.

[4.0.4,5.5.24)

Timing Attack

tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Timing Attack. The setGlobalContext method in ResourceLinkFactory.java does not consider whether callers to this method are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.

How to fix Timing Attack?

Upgrade tomcat:catalina to version 5.5.24 or higher.

[4,5.5.24)

Denial of Service (DoS)

tomcat:catalina Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

[,5.5.35)

Access Restriction Bypass

tomcat:catalina The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.

[,5.5.34)

tomcat:catalina@4.0.4 vulnerabilities

latest version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities

How to fix?