Apache Tomcat 7.0.11 information disclosure

2011-04-11 / 2011-04-12
Credit: Mark Thomas
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-20


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: None
Availability impact: None

Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.11 - Earlier versions are not affected Description: Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did not fully account for HTTP pipelining. As a result, when using HTTP pipelining a range of unexpected behaviours occurred including the mixing up of responses between requests. While the mix-up in responses was only observed between requests from the same user, a mix-up of responses for requests from different users may also be possible. Mitigation: Users of affected versions should apply one of the following mitigations: - Upgrade to a Tomcat 7.0.12 or later - Switch to the NIO or APR/native HTTP connectors that do not exhibit this issue Credit: This issue was identified by Brad Piles and reported via the public ASF Bugzilla issue tracking system. The Apache Tomcat security team requests that security vulnerability reports are made privately to security (at) tomcat.apache (dot) org [email concealed] in the first instance. References: http://tomcat.apache.org/security.html http://tomcat.apache.org/security-7.html

References:

http://svn.apache.org/viewvc?view=revision&revision=1086352
http://svn.apache.org/viewvc?view=revision&revision=1086349
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957
http://www.securityfocus.com/bid/47199
http://www.securityfocus.com/archive/1/517363
http://tomcat.apache.org/security-7.html
http://seclists.org/fulldisclosure/2011/Apr/97


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top