Detections
Analytics

Apache Tomcat 7.0.0 < 7.0.12 multiple vulnerabilities

medium Nessus Plugin ID 53323

Language:

Synopsis

The remote Apache Tomcat server is affected by multiple vulnerabilities

Description

The version of Tomcat installed on the remote host is prior to 7.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_7.0.12_security-7 advisory.

 - The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to a mix-up of responses for requests from different users. (CVE-2011-1475)

 - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
 (CVE-2011-5063)

 - Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. (CVE-2011-1088)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 7.0.12 or later.

See Also

http://www.nessus.org/u?8b095fc6

https://svn.apache.org/viewvc?view=rev&rev=1086349

https://svn.apache.org/viewvc?view=rev&rev=1086352

https://svn.apache.org/viewvc?view=rev&rev=1087643

https://svn.apache.org/viewvc?view=rev&rev=1087655

Plugin Details

Severity: Medium

ID: 53323

File Name: tomcat_7_0_12.nasl

Version: 1.26

Type: combined

Agent: windows, macosx, unix

Family: Web Servers

Published: 4/7/2011

Updated: 5/23/2024

Configuration: Enable thorough checks

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2011-1088

CVSS v3

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:tomcat:7

Required KB Items: installed_sw/Apache Tomcat

Exploit Ease: No known exploits are available

Patch Publication Date: 4/6/2011

Vulnerability Publication Date: 3/22/2011

Reference Information

CVE: CVE-2011-1088, CVE-2011-1475, CVE-2011-5063

BID: 47196, 47199, 49762

SECUNIA: 43684