Apache Tomcat Request Object Security Bypass Vulnerability (Win) Network Vulnerability

Summary

The host is running Apache Tomcat Server and is prone to security bypass vulnerability.

Impact

Successful exploitation could allows remote attackers to bypass intended access restrictions or gain sensitive information. Impact Level: Application.

Solution

Upgrade Apache Tomcat to 6.0.33, 7.0.22 or later, For updates refer to http://tomcat.apache.org/

Insight

The flaw is due to improper recycling of the request object before processing the next request when logging certain actions, allowing attackers to gain sensitive information like remote IP address and HTTP headers which is being carried forward to the next request.

Affected

Apache Tomcat 6.0.30 to 6.0.32 and 7.x to 7.0.21 on Windows.

References

http://seclists.org/fulldisclosure/2012/Jan/236
http://secunia.com/advisories/47554/
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
https://issues.apache.org/bugzilla/show_bug.cgi?id=51872

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3375

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

IMail account hijack
Lil' HTTP Server Cross Site Scripting Vulnerability
Apache Directory Listing
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability