CVE-2011-3375 – tomcat: information disclosure due to improper response and request object recycling
https://notcve.org/view.php?id=CVE-2011-3375
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data. Apache Tomcat v6.0.30 a v6.0.33 y v7.x antes de v7.0.22 no realiza correctamente ciertas operaciones de almacenamiento en caché y reciclado de objetos de solicitud, lo cual permite a atacantes remotos obtener acceso de lectura a la dirección IP y a la información de la cabecera HTTP en determinadas circunstancias leyendo datos TCP. • http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-7.html http://www.debian.org/security/2012/dsa-2401 https://access.redhat.com/security/cve/CVE-2011-3375 https://bugzilla.redhat.com/show_bug.cgi?id=782624 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2011-5064 – tomcat: Multiple weaknesses in HTTP DIGEST authentication
https://notcve.org/view.php?id=CVE-2011-5064
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184. DigestAuthenticator.java en la implementación HTTP Digest Access Authentication en Apache Tomcat v5.5.x anterior a v5.5.34, v6.x anterior a v6.0.33, y v7.x anterior a v7.0.12 usa Catalina como "hard-coded server secret"(también conocido como clave privada), haciéndo más fácil para atacantes remotos evitar mecanismos de protección criptográfica mediante el conocimiento de esta cadena, una vulnerabilidad diferente a CVE-2011-1184. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http://rhn.redhat.com/errata/RHSA-2012-0078.html http://rhn.redhat.com/e • CWE-310: Cryptographic Issues •
CVE-2011-5062 – tomcat: Multiple weaknesses in HTTP DIGEST authentication
https://notcve.org/view.php?id=CVE-2011-5062
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184. La implementación HTTP Digest Access Authentication en Apache Tomcat v5.5.x anterior a v5.5.34, v6.x anterior a v6.0.33, y v7.x anterior a v7.0.12 no comprueba valores qop, lo que puede permitir a atacantes remotos eludir los requerimientos de protección-integridad mediante un valor qoq=auth, una vulnerabilidad diferente a CVE-2011-1184. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http://rhn.redhat.com/errata/RHSA-2012-0078.html http://rhn.redhat.com/e • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-5063 – tomcat: Multiple weaknesses in HTTP DIGEST authentication
https://notcve.org/view.php?id=CVE-2011-5063
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184. La implementación HTTP Digest Access Authentication en Apache Tomcat v5.5.x anterior a v5.5.34, v6.x anterior a v6.0.33, y v7.x anterior a v7.0.12 no comprueba valores realm , lo que puede permitir a atacantes remotos eludir las restricciones de acceso aprovechando la disponibilidad de un espacio de protección con una autenticación débil o los requisitos de autorización, una vulnerabilidad diferente a CVE-2011-1184. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http://rhn.redhat.com/errata/RHSA-2012-0078.html http://rhn.redhat.com/e • CWE-287: Improper Authentication •
CVE-2011-4858 – MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
https://notcve.org/view.php?id=CVE-2011-4858
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. Apache Tomcat antes de v5.5.35, v6.x antes de v6.0.35 y v7.x antes de v7.0.23 calcula los valores hash de los parámetros de los formularios, sin restringir la capacidad de desencadenar colisiones de hash de forma predecible. Esto permite a atacantes remotos provocar una denegación de servicio (por consumo de CPU) mediante el envío de gran cantidad de parámetros especialmente modificados. • https://www.exploit-db.com/exploits/2012 http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106%40apache.org%3e http://marc.info/?l=bugtraq&m=132871655717248&w=2 http://marc.info/?l=bugtraq&m=133294394108746&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat • CWE-399: Resource Management Errors •