"Ubuntu Security Notice USN-788-1 June 15, 2009
tomcat6 vulnerabilities
CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781,
CVE-2009-0783
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.10:
libtomcat6-java 6.0.18-0ubuntu3.2
tomcat6-examples 6.0.18-0ubuntu3.2
Ubuntu 9.04:
libtomcat6-java 6.0.18-0ubuntu6.1
tomcat6-examples 6.0.18-0ubuntu6.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Iida Minehiko discovered that Tomcat did not properly normalise paths. A
remote attacker could send specially crafted requests to the server and
bypass security restrictions, gaining access to sensitive content.
(CVE-2008-5515)
Yoshihito Fukuyama discovered that Tomcat did not properly handle errors
when the Java AJP connector and mod_jk load balancing are used. A remote
attacker could send specially crafted requests containing invalid headers
to the server and cause a temporary denial of service. (CVE-2009-0033)
D. Matscheko and T. Hackner discovered that Tomcat did not properly handle
malformed URL encoding of passwords when FORM authentication is used. A
remote attacker could exploit this in order to enumerate valid usernames.
(CVE-2009-0580)
Deniz Cevik discovered that Tomcat did not properly escape certain
parameters in the example calendar application which could result in
browsers becoming vulnerable to cross-site scripting attacks when
processing the output. With cross-site scripting vulnerabilities, if a user
were tricked into viewing server output during a crafted server request, a
remote attacker could exploit this to modify the contents, or steal
confidential data (such as passwords), within the same domain.
(CVE-2009-0781)
Philippe Prados discovered that Tomcat allowed web applications to replace
the XML parser used by other web applications. Local users could exploit
this to bypass security restrictions and gain access to certain sensitive
files. (CVE-2009-0783)
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu3.2.diff.gz
Size/MD5: 22010 87c6105cd78ea5a8dbf62054fc4ba0aa
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu3.2.dsc
Size/MD5: 1378 823c008ffc927c0f3f5686fc6f5188d0
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.or=
ig.tar.gz
Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-jav=
a_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 174164 dd24331b2709bd6641b4055d0b052eae
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6=
.0.18-0ubuntu3.2_all.deb
Size/MD5: 2961944 63c8c3e0300ed70a240b79ddd3299efb
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0=
.18-0ubuntu3.2_all.deb
Size/MD5: 37370 b9b1bd6dc9cfb52107811295401c09e4
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.=
0.18-0ubuntu3.2_all.deb
Size/MD5: 53488 5006e5c394ec815f6d36c335d9f0abaf
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.=
18-0ubuntu3.2_all.deb
Size/MD5: 714516 768cacbb74453b1a2a49e55d61b7bedd
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_=
6.0.18-0ubuntu3.2_all.deb
Size/MD5: 419180 0663de0611fb9792d44aebad8aa24cc4
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.=
18-0ubuntu3.2_all.deb
Size/MD5: 18612 95544319007f1f90321469c5d314c72e
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu3.2_all.deb
Size/MD5: 24156 9f4d7a0671e9330ff2fa1a1c13a20c58
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu6.1.diff.gz
Size/MD5: 24779 221e0f51259495fd01da2a6b67358b17
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu6.1.dsc
Size/MD5: 1411 e3bac3c39b2e6db3267699a533b17add
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.or=
ig.tar.gz
Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-jav=
a-doc_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 246196 54e990e7893923b8b6df4bcce9f3ba22
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-jav=
a_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 172500 abf989790a45def65d5de9a7f9b010df
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6=
.0.18-0ubuntu6.1_all.deb
Size/MD5: 2846254 c1c0180751500ce58c51b97de9f2d6d9
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0=
.18-0ubuntu6.1_all.deb
Size/MD5: 37874 e7d401faba215af22ecff31b4a675fad
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.=
0.18-0ubuntu6.1_all.deb
Size/MD5: 53184 194153ab21adac9a47baaf92ea8d2acb
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.=
18-0ubuntu6.1_all.deb
Size/MD5: 714212 d52e9abc75108a8f059346e09d47b511
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_=
6.0.18-0ubuntu6.1_all.deb
Size/MD5: 418316 3a7110c9da4bd72a7019cbb75651da73
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.=
18-0ubuntu6.1_all.deb
Size/MD5: 20520 ea5e54c91e7055e281d61e63f0e140f2
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0u=
buntu6.1_all.deb
Size/MD5: 24952 ec80f910d6c8e606c090ba8dd737bc4c
--=-XI3KpnEA2vatHlqkxJNE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAko2ZzEACgkQLMAs/0C4zNoOSwCdFjaMi/Mwz6rEBxyJ+L0aonX/
f0IAn3HHGR9vSJMneTIAA1Qy+pNg84d7
=+5q1
-----END PGP SIGNATURE-----
"
This entry was posted
on 2:56 PM
.
Archives
-
▼
2009
(488)
-
▼
June
(53)
- RHSA-2009:1127-01 Critical: kdelibs security update
- RHSA-2009:1128-01 Important: kdelibs security update
- USN-782-1: Thunderbird vulnerabilities
- RHSA-2009:1125-01 Moderate: thunderbird security u...
- RHSA-2009:1123-01 Moderate: gstreamer-plugins-good...
- USN-791-2: Moodle vulnerability
- RHSA-2009:1130-01 Critical: kdegraphics security u...
- RHSA-2009:1126-01 Moderate: thunderbird security u...
- DSA 1821-1: New amule packages fix insufficient in...
- RHSA-2009:1109-01 Critical: acroread security update
- DSA 1822-1: New mahara packages fix cross-site scr...
- DSA 1817-1: New ctorrent packages fix arbitrary co...
- RHSA-2009:1101-01 Moderate: cscope security update
- USN-788-1: Tomcat vulnerabilities
- DSA 1816-1: New apache2 packages fix privilege esc...
- RHSA-2009:1106-01 Important: kernel security and b...
- RHSA-2009:1102-01 Moderate: cscope security update
- DSA 1818-1: New gforge packages fix insufficient i...
- RHSA-2009:1100-01 Moderate: wireshark security update
- RHSA-2009:1107-01 Moderate: apr-util security update
- USN-775-2: Quagga regression
- DSA 1815-1: New libtorrent-rasterbar packages fix ...
- RHSA-2009:1096-01 Critical: seamonkey security update
- DSA 1814-1: New libsndfile packages fix arbitrary ...
- USN-784-1: ImageMagick vulnerability
- USN-785-1: ipsec-tools vulnerabilities
- RHSA-2009:1087-01 Important: mod_jk security update
- USN-783-1: eCryptfs vulnerability
- USN-781-1: Pidgin vulnerabilities
- RHSA-2009:1081-01 Important: kernel-rt security an...
- DSA 1809-1: New Linux 2.6.26 packages fix several ...
- RHSA-2009:1082-01 Important: cups security update
- USN-780-1: CUPS vulnerability
- USN-780-1: CUPS vulnerability
- DSA 1810-1: New cups/cupsys packages fix denial of...
- DSA 1812-1: New apr-util packages fix several vuln...
- RHSA-2009:1083-01 Important: cups security update
- USN-781-2: Gaim vulnerabilities
- RHSA-2009:1077-01 Important: kernel security and b...
- DSA 1810-1: New libapache-mod-jk packages fix info...
- USN-778-1: cron vulnerability
- RHSA-2009:1076-01 Low: Red Hat Enterprise Linux 2....
- DSA 1807-1: New cyrus-sasl2/cyrus-sasl2-heimdal pa...
- GLSA 200905-06 acpid: Denial of Service
- DSA 1805-1: New pidgin packages fix several vulner...
- GLSA 200905-08 NTP: Remote execution of arbitrary...
- GLSA 200905-07 Pidgin: Multiple vulnerabilities
- RHSA-2009:1067-01 Moderate: Red Hat Application St...
- RHSA-2009:1075-01 Moderate: httpd security update
- GLSA 200905-09 libsndfile: User-assisted executio...
- RHSA-2009:1066-01 Important: squirrelmail security...
- GLSA 200905-03 IPSec Tools: Denial of Service
- GLSA 200905-05 FreeType: Multiple vulnerabilities
-
▼
June
(53)