CVE-2012-4431 – Tomcat/JBoss Web - Bypass of CSRF prevention filter
https://notcve.org/view.php?id=CVE-2012-4431
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. org/apache/catalina/filters/CsrfPreventionFilter.java en Apache Tomcat v6.x antes de v6.0.36 y v7.x antes de v7.0.32 permite a atacantes remotos evitar el mecanismo de protección de CSRF a través de una petición que carece de un identificador de sesión. • https://github.com/imjdl/CVE-2012-4431 http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html http://marc.info/?l=bugtraq&m=136612293908376&w=2 http: • CWE-264: Permissions, Privileges, and Access Controls CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2012-3546 – Web: Bypass of security constraints
https://notcve.org/view.php?id=CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI. org/apache/catalina/campo/RealmBase.java en Apache Tomcat v6.x antes de v6.0.36 y v7.x antes de v7.0.30, cuando se utiliza la autenticación de formularios, permite a atacantes remotos evitar restricciones de seguridad aprovechándose de una llamada setUserPrincipal anterior para luego colocar /j_security_check al final de una URI. • http://archives.neohapsis.com/archives/bugtraq/2012-12/0044.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://rhn.redhat.com/errata/RHSA-2013-0004.html http://rhn.redhat.com/errata/RHSA-2013-0005.html http://rhn.re • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-5568
https://notcve.org/view.php?id=CVE-2012-5568
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris. Apache Tomcat hasta v7.0.x permite a atacantes remotos provocar una denegación de servicio (parada del demonio) a través de peticiones HTTP parciales, tal y como quedó demostrado por Slowloris. • http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://openwall.com/lists/oss-security/2012/11/26/2 http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147776.html http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147779.html •
CVE-2012-5886 – tomcat: three DIGEST authentication implementation issues
https://notcve.org/view.php?id=CVE-2012-5886
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. La implementación de HTTP Digest Access Authentication en Apache Tomcat v5.5.x antes de v5.5.36, 6.x antes 6.0.36, v7.x antes de v7.0.30 cachés información sobre el usuario autenticado en el estado de la sesión, lo que hace que sea más fácil para los atacantes remotos evitar la autenticación a través de vectores relacionados a la ID de sesión. • http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://rhn.redhat.com/errata/RHSA-2013-0623.html http://rhn.redhat.com/errata/RHSA-2013-0629.html http://rhn.redhat.com/errata/RHSA-2013-0631.html http://rhn.redhat.com/errata/RHSA-2013-0632.html http://rhn.redhat.com/errata/RHSA-2013-0633.html http://rhn.redhat.com/errata/ • CWE-287: Improper Authentication •
CVE-2012-5885 – tomcat: three DIGEST authentication implementation issues
https://notcve.org/view.php?id=CVE-2012-5885
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. La funcionalidad replay-countermeasure en Apache Tomcat v5.5.x antes de v5.5.36, 6.x antes 6.0.36, v7.x antes de v7.0.30 registra valores cnonce (alias client nonce) en lugar de nonce (alias server nonce) y valores nc (alias nonce-count), lo que hace que sea más fácil para los atacantes remotos evitar las restricciones de acceso esnifando peticiones válidas a través del tráfico de red, una vulnerabilidad diferente a CVE-2011-1184. • http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://rhn.redhat.com/errata/RHSA-2013-0623.html http://rhn.redhat.com/errata/RHSA-2013-0629.html http://rhn.redhat.com/errata/RHSA-2013-0631.html http://rhn.redhat.com/erra • CWE-264: Permissions, Privileges, and Access Controls •