Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS05Z2dtLTc4OTcteDRtZ84AATyx

Improper Input Validation in Apache Tomcat

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.

Permalink: https://github.com/advisories/GHSA-9ggm-7897-x4mg
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05Z2dtLTc4OTcteDRtZ84AATyx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: 9 months ago

Identifiers: GHSA-9ggm-7897-x4mg, CVE-2011-2526
References:

• https://nvd.nist.gov/vuln/detail/CVE-2011-2526
• https://bugzilla.redhat.com/show_bug.cgi?id=720948
• https://exchange.xforce.ibmcloud.com/vulnerabilities/68541
• https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
• https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
• https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
• https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
• http://marc.info/?l=bugtraq&m=132215163318824&w=2
• http://marc.info/?l=bugtraq&m=133469267822771&w=2
• http://marc.info/?l=bugtraq&m=136485229118404&w=2
• http://marc.info/?l=bugtraq&m=139344343412337&w=2
• http://svn.apache.org/viewvc?view=revision&revision=1145383
• http://svn.apache.org/viewvc?view=revision&revision=1145571
• http://svn.apache.org/viewvc?view=revision&revision=1145694
• http://svn.apache.org/viewvc?view=revision&revision=1146005
• http://tomcat.apache.org/security-5.html
• http://tomcat.apache.org/security-6.html
• http://tomcat.apache.org/security-7.html
• http://www.debian.org/security/2012/dsa-2401
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14573
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19514
• http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
• https://github.com/apache/tomcat/commit/1d372c881eafd9ffe729996f8560fd5fe50cd39d
• https://github.com/apache/tomcat/commit/2e69497fa7b1444632c6dadb64a4a82e18478ee6
• https://github.com/apache/tomcat/commit/48dded4ab1209a030770ab67a789d3b2528b6329
• https://github.com/apache/tomcat/commit/ff8789737a0a64c12d68929497f16d8021052048
• https://github.com/apache/tomcat55/commit/e67f6882118f2a8285e4e8acd050dad64a3ef3e4
• https://access.redhat.com/errata/RHSA-2012:0074
• https://access.redhat.com/errata/RHSA-2012:0075
• https://access.redhat.com/errata/RHSA-2012:0076
• https://web.archive.org/web/20110717104325/http://www.securityfocus.com/bid/48667
• https://web.archive.org/web/20111110135231/http://www.securityfocus.com/archive/1/518889/100/0/threaded
• https://web.archive.org/web/20121025191346/http://secunia.com/advisories/45232
• https://web.archive.org/web/20140802025928/http://secunia.com/advisories/48308
• https://web.archive.org/web/20151017023138/http://secunia.com/advisories/57126
• https://web.archive.org/web/20160101172212/http://rhn.redhat.com/errata/RHSA-2012-0078.html
• https://web.archive.org/web/20160101172638/http://rhn.redhat.com/errata/RHSA-2012-0077.html
• https://web.archive.org/web/20160101195415/http://rhn.redhat.com/errata/RHSA-2012-0325.html
• https://web.archive.org/web/20161107143207/http://www.securitytracker.com/id?1025788
• https://github.com/advisories/GHSA-9ggm-7897-x4mg

Repository: https://github.com/apache/tomcat
Blast Radius: 0.0

Affected Packages