You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2007/03/31 03:02:44 UTC
svn commit: r524341 - in /tomcat/site/trunk: docs/security-4.html
xdocs/security-4.xml
Author: markt
Date: Fri Mar 30 18:02:43 2007
New Revision: 524341
URL: http://svn.apache.org/viewvc?view=rev&rev=524341
Log:
2 more vulnerabilities
Modified:
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/xdocs/security-4.xml
Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?view=diff&rev=524341&r1=524340&r2=524341
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Fri Mar 30 18:02:43 2007
@@ -405,6 +405,18 @@
</p>
<p>Affects: 4.0.0-4.0.5, 4.1.0-4.1.12</p>
+
+ <p>
+<strong>moderate: Cross-site scripting</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682">
+ CVE-2002-0682</a>
+</p>
+
+ <p>A specially crafted URL using the invoker servlet and various internal
+ classess causes Tomcat to throw an exception that includes unescaped
+ information from the malformed request. This allows the XSS attack.</p>
+
+ <p>Affects: 4.0.0-4.0.5, 4.1.0-4.1.12</p>
</blockquote>
</p>
</td>
@@ -453,6 +465,42 @@
<tr>
<td bgcolor="#525D76">
<font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 4.1.3">
+<strong>Fixed in Apache Tomcat 4.1.3</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+ <p>
+<strong>important: Denial of service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935">
+ CVE-2002-0935</a>
+</p>
+
+ <p>A malformed HTTP request can cause the request processing thread to
+ become unresponsive. A sequence of such requests will cause all request
+ processing threads, and hence Tomcat as a whole, to become unresponsive.</p>
+
+ <p>Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2?</p>
+
+ </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
<a name="Fixed in Apache Tomcat 4.1.0">
<strong>Fixed in Apache Tomcat 4.1.0</strong>
</a>
@@ -553,6 +601,7 @@
CVE-2002-2008</a>
<br/>
</p>
+
<p>This issue only affects Windows operating systems. It can not be
reproduced on Windows XP Home with JDKs 1.3.1, 1.4.2, 1.5.0 or 1.6.0.
Further investigation is required to determine the Windows operating
@@ -605,6 +654,7 @@
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0936">
CVE-2002-0936</a>
</p>
+
<p>The issue described requires an attacker to be able to plant a JSP page
on the Tomcat server. If an attacker can do this then the server is
already compromised. In this case an attacker could just as easily add a
Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?view=diff&rev=524341&r1=524340&r2=524341
==============================================================================
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Fri Mar 30 18:02:43 2007
@@ -133,6 +133,16 @@
CVE-2002-1148</a></p>
<p>Affects: 4.0.0-4.0.5, 4.1.0-4.1.12</p>
+
+ <p><strong>moderate: Cross-site scripting</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682">
+ CVE-2002-0682</a></p>
+
+ <p>A specially crafted URL using the invoker servlet and various internal
+ classess causes Tomcat to throw an exception that includes unescaped
+ information from the malformed request. This allows the XSS attack.</p>
+
+ <p>Affects: 4.0.0-4.0.5, 4.1.0-4.1.12</p>
</section>
<section name="Fixed in Apache Tomcat 4.1.12, 4.0.5">
@@ -146,6 +156,19 @@
<p>Affects: 4.0.0-4.0.4, 4.1.0-4.1.11</p>
</section>
+ <section name="Fixed in Apache Tomcat 4.1.3">
+ <p><strong>important: Denial of service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935">
+ CVE-2002-0935</a></p>
+
+ <p>A malformed HTTP request can cause the request processing thread to
+ become unresponsive. A sequence of such requests will cause all request
+ processing threads, and hence Tomcat as a whole, to become unresponsive.</p>
+
+ <p>Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2?</p>
+
+ </section>
+
<section name="Fixed in Apache Tomcat 4.1.0">
<p><strong>important: Denial of service</strong>
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866">
@@ -186,6 +209,7 @@
CVE-2005-4703</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2008">
CVE-2002-2008</a><br/></p>
+
<p>This issue only affects Windows operating systems. It can not be
reproduced on Windows XP Home with JDKs 1.3.1, 1.4.2, 1.5.0 or 1.6.0.
Further investigation is required to determine the Windows operating
@@ -212,6 +236,7 @@
<p><strong>Denial of service vulnerability</strong>
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0936">
CVE-2002-0936</a></p>
+
<p>The issue described requires an attacker to be able to plant a JSP page
on the Tomcat server. If an attacker can do this then the server is
already compromised. In this case an attacker could just as easily add a
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org