news 28 Posted September 5, 2008 This is a multi-part message in MIME format... ------------=_1220655039-11275-8887 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:188 http://www.mandriva.com/security/ _______________________________________________________________________ Package : tomcat5 Date : September 5, 2008 Affected: 2008.0, 2008.1 _______________________________________________________________________ Problem Description: A number of vulnerabilities have been discovered in the Apache Tomcat server: The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files (CVE-2007-5342). A cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers (CVE-2008-1232). A cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter (CVE-2008-1947). A traversal vulnerability was found when using a RequestDispatcher in combination with a servlet or JSP that could allow a remote attacker to utilize a specially-crafted request parameter to access protected web resources (CVE-2008-2370). A traversal vulnerability was found when the 'allowLinking' and 'URIencoding' settings were actived which could allow a remote attacker to use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process (CVE-2008-2938). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 56ca5eb3e331c6675634a5e3f3c5afd7 2008.0/i586/tomcat5-5.5.23-9.2.10.2mdv2008.0.i586.rpm a1c688654decf045f80fb6d8978c73fa 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 2b7a97313ece05bbd5596045853cfca0 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm e8384332efad0e2317a646241bece6ee 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.i586.rpm a30cc8061f55f2613c517574263cdd21 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 4f4a12c8479f27c7f9ed877f5821afa3 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm ced904c459478c1123ed5da41dddbd7f 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 183e045a9b44747c7a4adaec5c860441 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm 78af5a5788ac359a99a24f03a39c7b94 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm 8e8569bfab5abef912299b9b751e49e9 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 6899c327906423cdd02b930221c2496e 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: c4d1c4471c29d8cd34adb9f2002ef294 2008.0/x86_64/tomcat5-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2caf09173a64a378636496196d99756f 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm d6a9a290638267a1117a55041986d31a 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2eead87d72af58ddc9e934b55e49a1aa 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 0fab26f89e83c882c5948a430bf82c8b 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 833334424b555a77e2a9951b71ed8fa3 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 115561d6233c3890cf3b85a7599ed03b 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm eccf76ede6fb9256a2b52c861a9b0bb3 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm cd9df1a8a1a5cb3216221bdefdfe8476 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm f7440a4111ec2fd30fa32e4bd74a0a20 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 1464eb297888c4df98d8b7eabe7f0197 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm Mandriva Linux 2008.1: 594abdc70bc430657eb831520926c73f 2008.1/i586/tomcat5-5.5.25-1.2.1.1mdv2008.1.i586.rpm bdec2b83b4fdb4d10a01a65fbdac512d 2008.1/i586/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3dbc007722996d1c36f31642f80b5c2a 2008.1/i586/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 04b23d162d13f84d1d8707646ea9148c 2008.1/i586/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.i586.rpm 602bf7d4ff261e8af20d50b9e76634bb 2008.1/i586/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.i586.rpm 0066e7519a2d3478f0a3e70bd95a7e5b 2008.1/i586/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 1ba4743762cfa4594a27f0393de47823 2008.1/i586/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 262f2a39b800562cef36d724ce3efa35 2008.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm b9f2af35a734d0e3a2d9bfe292aaced1 2008.1/i586/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 8307ef374c5b995feac394b6f27474d5 2008.1/i586/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3f4692170c35f992defcb4111a8133cd 2008.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 02b9d28af879b825754eff6199bf1788 2008.1/i586/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 6b1e03e5206eb262970198dccba7d0a3 2008.1/x86_64/tomcat5-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 930cf38058a0f8902e2741c6512e0aa0 2008.1/x86_64/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm c527521cb93bab31df3f91422faf02a6 2008.1/x86_64/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm f8bef98047ef956c8e4c0f877155e1f1 2008.1/x86_64/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 97a8a59178259d26838ce20c176c459a 2008.1/x86_64/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 3bb885debc8576bd305c9fa4c9d25bfb 2008.1/x86_64/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 66dcf08e163fdaaf81992a7d25d84a20 2008.1/x86_64/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm dd92aab81bf4c75ab30b9b82153b24c0 2008.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 517ed776282d089dd84f81d47104f660 2008.1/x86_64/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 83d4bb973b7fec461e812d74541a5949 2008.1/x86_64/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbdd58e1c9e1e8f0089af055abbd85e0 2008.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbee0f1f720269f77a66e30709ecd7ae 2008.1/x86_64/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIwYsKmqjQ0CJFipgRApJjAKCVZ1XtEGoADQcp8l/m1ECSRstnjACg4qE8 j+sCdAEJN0CXvurmFcjUvNU= =+kFf -----END PGP SIGNATURE----- ------------=_1220655039-11275-8887 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1220655039-11275-8887-- Share this post Link to post