Summary
The host is running Apache Tomcat Server and is prone to multiple security bypass vulnerabilities.
Impact
Successful exploitation could allow remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
Impact Level: Application
Solution
Apply patch or upgrade Apache Tomcat to 5.5.36, 6.0.36, 7.0.30 or later, For updates refer to http://tomcat.apache.org/
*****
NOTE: Ignore this warning, if above mentioned patch is manually applied.
*****
Insight
The flaws are due to error in HTTP digest access authentication implementation, which does not properly validate for, - stale nonce values in conjunction with enforcement of proper credentials - caches information about the authenticated user within the session state - cnonce values instead of nonce and nc values.
Affected
Apache Tomcat version 5.5.x to 5.5.35, 6.x to 6.0.35 and 7.x to 7.0.29
References
- http://secunia.com/advisories/51138/
- http://svn.apache.org/viewvc?view=revision&revision=1377807
- http://svn.apache.org/viewvc?view=revision&revision=1380829
- http://svn.apache.org/viewvc?view=revision&revision=1392248
- http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.36
- http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36
- http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.30
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-5885, CVE-2012-5886, CVE-2012-5887 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)
- CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
- IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
- Apache Tomcat Session Fixation Vulnerability (Windows)