Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:14705-1

Опубликовано: 21 апр. 2021
Источник: suse-cvrf

Описание

Security update for tomcat6

This update for tomcat6 fixes the following issues:

  • CVE-2021-25329: Fixed completely CVE-2020-9484 (bsc#1182909).
  • CVE-2021-24122: Fixed an information disclosure (bsc#1180947).
  • CVE-2017-12617: Fixed a file inclusion vulnerability through a crafted request (bsc#1059554).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
tomcat6-6.0.53-0.57.19.1
tomcat6-admin-webapps-6.0.53-0.57.19.1
tomcat6-docs-webapp-6.0.53-0.57.19.1
tomcat6-javadoc-6.0.53-0.57.19.1
tomcat6-jsp-2_1-api-6.0.53-0.57.19.1
tomcat6-lib-6.0.53-0.57.19.1
tomcat6-servlet-2_5-api-6.0.53-0.57.19.1
tomcat6-webapps-6.0.53-0.57.19.1
SUSE Linux Enterprise Server 11 SP4-LTSS
tomcat6-6.0.53-0.57.19.1
tomcat6-admin-webapps-6.0.53-0.57.19.1
tomcat6-docs-webapp-6.0.53-0.57.19.1
tomcat6-javadoc-6.0.53-0.57.19.1
tomcat6-jsp-2_1-api-6.0.53-0.57.19.1
tomcat6-lib-6.0.53-0.57.19.1
tomcat6-servlet-2_5-api-6.0.53-0.57.19.1
tomcat6-webapps-6.0.53-0.57.19.1

Ссылки

Описание

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-admin-webapps-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-docs-webapp-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-javadoc-6.0.53-0.57.19.1
Ссылки

Описание

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-admin-webapps-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-docs-webapp-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-javadoc-6.0.53-0.57.19.1
Ссылки

Описание

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-admin-webapps-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-docs-webapp-6.0.53-0.57.19.1
SUSE Linux Enterprise Point of Sale 11 SP3:tomcat6-javadoc-6.0.53-0.57.19.1
Ссылки
Уязвимость SUSE-SU-2021:14705-1