Описание
Security update for tomcat6
This update for tomcat6 fixes the following issues:
The version was updated from 6.0.41 to 6.0.45.
Security issues fixed:
- CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. (bsc#967967)
- CVE-2015-5345: The Mapper component in Apache Tomcat processes redirects before considering security constraints and Filters, which allowed remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. (bsc#967965)
- CVE-2016-0706: Apache Tomcat did not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allowed remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. (bsc#967815)
- CVE-2016-0714: The session-persistence implementation in Apache Tomcat mishandled session attributes, which allowed remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session. (bsc#967964)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
Ссылки
- Link for SUSE-SU-2016:0839-1
- E-Mail link for SUSE-SU-2016:0839-1
- SUSE Security Ratings
- SUSE Bug 934219
- SUSE Bug 967815
- SUSE Bug 967964
- SUSE Bug 967965
- SUSE Bug 967967
- SUSE CVE CVE-2015-5174 page
- SUSE CVE CVE-2015-5345 page
- SUSE CVE CVE-2016-0706 page
- SUSE CVE CVE-2016-0714 page
Описание
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory.
Затронутые продукты
Ссылки
- CVE-2015-5174
- SUSE Bug 967967
Описание
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
Затронутые продукты
Ссылки
- CVE-2015-5345
- SUSE Bug 967965
Описание
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application.
Затронутые продукты
Ссылки
- CVE-2016-0706
- SUSE Bug 967815
- SUSE Bug 971085
- SUSE Bug 988489
Описание
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
Затронутые продукты
Ссылки
- CVE-2016-0714
- SUSE Bug 967964
- SUSE Bug 971085