Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/07/13 12:58:00 UTC

svn commit: r1145952 [1/2] - in /tomcat/site/trunk: docs/ xdocs/

Author: markt
Date: Wed Jul 13 10:57:59 2011
New Revision: 1145952

URL: http://svn.apache.org/viewvc?rev=1145952&view=rev
Log:
More nofollow and a few line lengths

Modified:
    tomcat/site/trunk/docs/security-3.html
    tomcat/site/trunk/docs/security-4.html
    tomcat/site/trunk/docs/security-5.html
    tomcat/site/trunk/docs/security-6.html
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/docs/security-jk.html
    tomcat/site/trunk/docs/security-native.html
    tomcat/site/trunk/docs/security.html
    tomcat/site/trunk/docs/whoweare.html
    tomcat/site/trunk/xdocs/security-3.xml
    tomcat/site/trunk/xdocs/security-4.xml
    tomcat/site/trunk/xdocs/security-5.xml
    tomcat/site/trunk/xdocs/security-6.xml
    tomcat/site/trunk/xdocs/security-7.xml
    tomcat/site/trunk/xdocs/security-jk.xml
    tomcat/site/trunk/xdocs/security-native.xml
    tomcat/site/trunk/xdocs/security.xml
    tomcat/site/trunk/xdocs/whoweare.xml

Modified: tomcat/site/trunk/docs/security-3.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-3.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-3.html (original)
+++ tomcat/site/trunk/docs/security-3.html Wed Jul 13 10:57:59 2011
@@ -313,8 +313,7 @@
 <blockquote>
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808">
-       CVE-2005-0808</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808" rel="nofollow">CVE-2005-0808</a>
 </p>
 
     <p>Tomcat 3.x can be remotely caused to crash or shutdown by a connection
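Review bot: the collapsed anchor line `<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808" rel="nofollow">CVE-2005-0808</a>` runs to roughly 110 columns, while the rest of this commit ("a few line lengths") wraps prose to 80; breaking inside the start tag, just before `rel="nofollow"`, keeps the line short without reintroducing the whitespace that the old two-line form placed inside the link text (which is presumably why the anchors were collapsed). The same applies to every anchor rewritten this way in the file.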
@@ -327,8 +326,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382">
-       CVE-2007-3382</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382" rel="nofollow">CVE-2007-3382</a>
 </p>
 
     <p>Tomcat incorrectly treated a single quote character (') in a cookie
@@ -339,8 +337,7 @@
 
     <p>
 <strong>low: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384">
-       CVE-2007-3384</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384" rel="nofollow">CVE-2007-3384</a>
 </p>
 
     <p>When reporting error messages, Tomcat does not filter user supplied data
@@ -352,8 +349,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a>
 </p>
 
     <p>Tomcat incorrectly handled the character sequence \" in a cookie value.
@@ -391,8 +387,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044">
-       CVE-2003-0044</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044" rel="nofollow">CVE-2003-0044</a>
 </p>
 
     <p>The root web application and the examples web application contained a
@@ -430,8 +425,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043">
-       CVE-2003-0043</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043" rel="nofollow">CVE-2003-0043</a>
 </p>
 
     <p>When used with JDK 1.3.1 or earlier, web.xml files were read with
@@ -442,8 +436,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042">
-       CVE-2003-0042</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042" rel="nofollow">CVE-2003-0042</a>
 </p>
 
     <p>URLs containing null characters could result in file contents being
@@ -480,8 +473,7 @@
 <blockquote>
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045">
-       CVE-2003-0045</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045" rel="nofollow">CVE-2003-0045</a>
 </p>
 
     <p>JSP page names that match a Windows DOS device name, such as aux.jsp, may
@@ -519,8 +511,7 @@
 <blockquote>
     <p>
 <strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007">
-       CVE-2002-2007</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007" rel="nofollow">CVE-2002-2007</a>
 </p>
 
     <p>Non-standard requests to the sample applications installed by default
@@ -531,10 +522,8 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006">
-       CVE-2002-2006</a>,
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760">
-       CVE-2000-0760</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006" rel="nofollow">CVE-2002-2006</a>,
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760" rel="nofollow">CVE-2000-0760</a>
 </p>
 
     <p>The snoop servlet installed as part of the examples includes output that
@@ -571,8 +560,7 @@
 <blockquote>
     <p>
 <strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563">
-       CVE-2001-1563</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563" rel="nofollow">CVE-2001-1563</a>
 <br/>
 </p>
 
@@ -609,8 +597,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829">
-       CVE-2001-0829</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829" rel="nofollow">CVE-2001-0829</a>
 </p>
 
     <p>The default 404 error page does not escape URLs. This allows XSS
@@ -620,8 +607,7 @@
 
     <p>
 <strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590">
-       CVE-2001-0590</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590" rel="nofollow">CVE-2001-0590</a>
 <br/>
 </p>
 
@@ -657,8 +643,7 @@
 <blockquote>
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759">
-       CVE-2000-0759</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759" rel="nofollow">CVE-2000-0759</a>
 <br/>
 </p>
 
@@ -669,8 +654,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672">
-       CVE-2000-0672</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672" rel="nofollow">CVE-2000-0672</a>
 <br/>
 </p>
 
@@ -709,8 +693,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210">
-       CVE-2000-1210</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210" rel="nofollow">CVE-2000-1210</a>
 <br/>
 </p>
 

Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Wed Jul 13 10:57:59 2011
@@ -334,8 +334,7 @@
 <blockquote>
     <p>
 <strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836">
-       CVE-2005-4836</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836" rel="nofollow">CVE-2005-4836</a>
 </p>
 
     <p>The deprecated HTTP/1.1 connector does not reject request URIs containing
@@ -377,8 +376,7 @@
 <blockquote>
     <p>
 <strong>Important: Information Disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515">
-       CVE-2008-5515</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515" rel="nofollow">CVE-2008-5515</a>
 </p>
 
     <p>When using a RequestDispatcher obtained from the Request, the target path
@@ -397,8 +395,7 @@
 
     <p>
 <strong>Important: Denial of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033">
-       CVE-2009-0033</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033" rel="nofollow">CVE-2009-0033</a>
 </p>
 
     <p>If Tomcat receives a request with invalid headers via the Java AJP
@@ -416,8 +413,7 @@
  
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580">
-       CVE-2009-0580</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580" rel="nofollow">CVE-2009-0580</a>
 </p>
 
     <p>Due to insufficient error checking in some authentication classes, Tomcat
@@ -436,8 +432,7 @@
        
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781">
-       CVE-2009-0781</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781" rel="nofollow">CVE-2009-0781</a>
 </p>
 
     <p>The calendar application in the examples web application contains an
@@ -452,8 +447,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783">
-       CVE-2009-0783</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783" rel="nofollow">CVE-2009-0783</a>
 </p>
 
     <p>Bugs <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=29936">
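Review bot: the rule for which links get `rel="nofollow"` is not stated in the log message. The CVE link here gains the attribute, but the Bugzilla link in the trailing context line, `<p>Bugs <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=29936">`, does not; if the intent is to mark only off-site links (issues.apache.org being on-site), say so in the log, otherwise this link, and the same one in security-5.html, needs the attribute as well.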
@@ -501,8 +495,7 @@
 
     <p>
 <strong>moderate: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128">
-       CVE-2008-0128</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128" rel="nofollow">CVE-2008-0128</a>
 </p>
 
     <p>When using the SingleSignOn Valve via https the Cookie JSESSIONIDSSO is
@@ -518,8 +511,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
-       CVE-2008-1232</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232" rel="nofollow">CVE-2008-1232</a>
 </p>
 
     <p>The message argument of HttpServletResponse.sendError() call is not only
@@ -538,8 +530,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
-       CVE-2008-2370</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370" rel="nofollow">CVE-2008-2370</a>
 </p>
 
     <p>When using a RequestDispatcher the target path was normalised before the 
@@ -583,8 +574,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164">
-       CVE-2005-3164</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164" rel="nofollow">CVE-2005-3164</a>
 </p>
 
     <p>If a client specifies a Content-Length but disconnects before sending
@@ -597,8 +587,7 @@
 
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355">
-       CVE-2007-1355</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355" rel="nofollow">CVE-2007-1355</a>
 </p>
 
     <p>The JSP and Servlet included in the sample application within the Tomcat
@@ -610,8 +599,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449">
-       CVE-2007-2449</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449" rel="nofollow">CVE-2007-2449</a>
 </p>
 
     <p>JSPs within the examples web application did not escape user provided
@@ -626,8 +614,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450">
-       CVE-2007-2450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450" rel="nofollow">CVE-2007-2450</a>
 </p>
 
     <p>The Manager web application did not escape user provided data before
@@ -640,8 +627,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382">
-       CVE-2007-3382</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382" rel="nofollow">CVE-2007-3382</a>
 </p>
 
     <p>Tomcat incorrectly treated a single quote character (') in a cookie
@@ -652,8 +638,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383">
-       CVE-2007-3383</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383" rel="nofollow">CVE-2007-3383</a>
 </p>
 
     <p>When reporting error messages, the SendMailServlet (part of the examples
@@ -668,8 +653,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a>
 </p>
 
     <p>Tomcat incorrectly handled the character sequence \" in a cookie value.
@@ -680,21 +664,18 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333">
-       CVE-2007-5333</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333" rel="nofollow">CVE-2007-5333</a>
 </p>
 
     <p>The previous fix for
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a> was incomplete. It did not consider the use of quotes
-       or %5C within a cookie value.</p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a> was incomplete. It did not consider the
+       use of quotes or %5C within a cookie value.</p>
 
     <p>Affects: 4.1.0-4.1.36</p>
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461">
-       CVE-2007-5461</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461" rel="nofollow">CVE-2007-5461</a>
 </p>
 
     <p>When Tomcat's WebDAV servlet is configured for use with a context and
@@ -733,8 +714,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090">
-       CVE-2005-2090</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090" rel="nofollow">CVE-2005-2090</a>
 </p>
 
     <p>Requests with multiple content-length headers should be rejected as
@@ -752,46 +732,46 @@
 
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450">
-       CVE-2007-0450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450" rel="nofollow">CVE-2007-0450</a>
 </p>
 
     <p>The fix for this issue was insufficient. A fix was also required in the
        JK connector module for httpd. See 
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860">
-       CVE-2007-1860</a> for further information.</p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860" rel="nofollow">CVE-2007-1860</a> for further information.</p>
 
-    <p>Tomcat permits '\', '%2F' and '%5C' as path delimiters. When Tomcat is used 
-       behind a proxy (including, but not limited to, Apache HTTP server with 
-       mod_proxy and mod_jk) configured to only proxy some contexts, a HTTP request 
-       containing strings like "/\../" may allow attackers to work around the context 
-       restriction of the proxy, and access the non-proxied contexts.
+    <p>Tomcat permits '\', '%2F' and '%5C' as path delimiters. When Tomcat is
+       used behind a proxy (including, but not limited to, Apache HTTP server
+       with mod_proxy and mod_jk) configured to only proxy some contexts, a HTTP
+       request containing strings like "/\../" may allow attackers to work
+       around the context restriction of the proxy, and access the non-proxied
+       contexts.
     </p>
 
     <p>The following Java system properties have been added to Tomcat to provide 
-       additional control of the handling of path delimiters in URLs (both options 
-       default to false):
+       additional control of the handling of path delimiters in URLs (both
+       options default to false):
        <ul>
          <li>
-           <code>org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH</code>: <code>true|false</code>
+           <code>org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH</code>:
+           <code>true|false</code>
          </li>
          <li>
-           <code>org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH</code>: <code>true|false</code>
+           <code>org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH</code>:
+           <code>true|false</code>
          </li>
        </ul>
     </p>
 
-    <p>Due to the impossibility to guarantee that all URLs are handled by Tomcat as 
-       they are in proxy servers, Tomcat should always be secured as if no proxy 
-       restricting context access was used.
+    <p>Due to the impossibility to guarantee that all URLs are handled by Tomcat
+       as they are in proxy servers, Tomcat should always be secured as if no
+       proxy restricting context access was used.
     </p>
 
     <p>Affects: 4.0.0-4.0.6, 4.1.0-4.1.34</p>
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358">
-       CVE-2007-1358</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358" rel="nofollow">CVE-2007-1358</a>
 </p>
 
     <p>Web pages that display the Accept-Language header value sent by the
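Review bot: the reflowed paragraph starting `<p>The following Java system properties have been added to Tomcat to provide` still nests a `<ul>` inside a `<p>`, which is invalid HTML (browsers implicitly close the `<p>` when they meet `<ul>`, leaving the later `</p>` stray); since these lines are being rewrapped anyway, close the paragraph before the `<ul>` and drop the `</p>` after `</ul>`. Two wording fixes in the same rewrapped lines: `a HTTP` should read `an HTTP`, and `Due to the impossibility to guarantee that all URLs are handled by Tomcat as they are in proxy servers` reads more naturally as `Because it cannot be guaranteed that Tomcat handles every URL the same way the proxy does`.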
@@ -834,8 +814,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308">
-       CVE-2008-4308</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308" rel="nofollow">CVE-2008-4308</a>
 </p>
 
     <p>
@@ -877,8 +856,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271">
-       CVE-2008-3271</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271" rel="nofollow">CVE-2008-3271</a>
 </p>
 
     <p>
@@ -893,8 +871,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858">
-       CVE-2007-1858</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858" rel="nofollow">CVE-2007-1858</a>
 </p>
 
     <p>The default SSL configuration permitted the use of insecure cipher suites
@@ -905,8 +882,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196">
-       CVE-2006-7196</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196" rel="nofollow">CVE-2006-7196</a>
 </p>
 
     <p>The calendar application included as part of the JSP examples is
@@ -917,8 +893,7 @@
 
     <p>
 <strong>low: Directory listing</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835">
-       CVE-2006-3835</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835" rel="nofollow">CVE-2006-3835</a>
 </p>
 
     <p>This is expected behaviour when directory listings are enabled. The
@@ -932,8 +907,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
-       CVE-2005-4838</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838" rel="nofollow">CVE-2005-4838</a>
 </p>
 
     <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
@@ -944,8 +918,7 @@
 
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510">
-       CVE-2005-3510</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510" rel="nofollow">CVE-2005-3510</a>
 </p>
 
     <p>The root cause is the relatively expensive calls required to generate
@@ -987,8 +960,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1567">
-       CVE-2002-1567</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1567" rel="nofollow">CVE-2002-1567</a>
 </p>
 
     <p>The unmodified requested URL is included in the 404 response header. The
@@ -1028,8 +1000,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394">
-       CVE-2002-1394</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394" rel="nofollow">CVE-2002-1394</a>
 </p>
 
     <p>A specially crafted URL using the invoker servlet in conjunction with the
@@ -1037,16 +1008,14 @@
        or, under special circumstances, a static resource that would otherwise
        have been protected by a security constraint without the need to be
        properly authenticated. This is a variation of
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148">
-       CVE-2002-1148</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148" rel="nofollow">CVE-2002-1148</a>
 </p>
 
     <p>Affects: 4.0.0-4.0.5, 4.1.0-4.1.12</p>
 
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682">
-       CVE-2002-0682</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682" rel="nofollow">CVE-2002-0682</a>
 </p>
 
     <p>A specially crafted URL using the invoker servlet and various internal
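Review bot: the sentence `This is a variation of` followed by the rewritten `<a href="..." rel="nofollow">CVE-2002-1148</a>` and `</p>` has no terminating full stop; as the anchor line is being rewritten, add the period after `</a>` so the paragraph ends like the others on the page.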
@@ -1083,8 +1052,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148">
-       CVE-2002-1148</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148" rel="nofollow">CVE-2002-1148</a>
 </p>
 
     <p>A specially crafted URL using the default servlet can enable an attacker
@@ -1120,8 +1088,7 @@
 <blockquote>
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935">
-       CVE-2002-0935</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935" rel="nofollow">CVE-2002-0935</a>
 </p>
 
     <p>A malformed HTTP request can cause the request processing thread to
@@ -1159,8 +1126,7 @@
 <blockquote>
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866">
-       CVE-2003-0866</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866" rel="nofollow">CVE-2003-0866</a>
 </p>
 
     <p>A malformed HTTP request can cause the request processing thread to
@@ -1171,8 +1137,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006">
-       CVE-2002-2006</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006" rel="nofollow">CVE-2002-2006</a>
 </p>
 
     <p>The snoop and trouble shooting servlets installed as part of the examples
@@ -1209,10 +1174,8 @@
 <blockquote>
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009">
-       CVE-2002-2009</a>,
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917">
-       CVE-2001-0917</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009" rel="nofollow">CVE-2002-2009</a>,
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917" rel="nofollow">CVE-2001-0917</a>
 </p>
 
     <p>Requests for JSP files where the file name is preceded by '+/', '&gt;/',
@@ -1250,8 +1213,7 @@
 <blockquote>
     <p>
 <strong>moderate: Security manager bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493">
-       CVE-2002-0493</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493" rel="nofollow">CVE-2002-0493</a>
 </p>
 
     <p>If errors are encountered during the parsing of web.xml and Tomcat is
@@ -1285,10 +1247,8 @@
 <blockquote>
     <p>
 <strong>low: Installation path disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4703">
-       CVE-2005-4703</a>, 
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2008">
-       CVE-2002-2008</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4703" rel="nofollow">CVE-2005-4703</a>, 
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2008" rel="nofollow">CVE-2002-2008</a>
 <br/>
 </p>
 
@@ -1303,8 +1263,7 @@
 
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1895">
-       CVE-2002-1895</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1895" rel="nofollow">CVE-2002-1895</a>
 <br/>
 </p>
 
@@ -1344,8 +1303,7 @@
 <blockquote>
     <p>
 <strong>Denial of service vulnerability</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0936">
-       CVE-2002-0936</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0936" rel="nofollow">CVE-2002-0936</a>
 </p>
 
     <p>The issue described requires an attacker to be able to plant a JSP page
@@ -1356,8 +1314,7 @@
 
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938">
-       CVE-2008-2938</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938" rel="nofollow">CVE-2008-2938</a>
 </p>
 
     <p>Originally reported as a Tomcat vulnerability the root cause of this

Modified: tomcat/site/trunk/docs/security-5.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Wed Jul 13 10:57:59 2011
@@ -353,8 +353,7 @@
 
     <p>
 <strong>Low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204">
-       CVE-2011-2204</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204" rel="nofollow">CVE-2011-2204</a>
 </p>
 
     <p>When using the MemoryUserDatabase (based on tomcat-users.xml) and
@@ -410,8 +409,7 @@
   
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
-       CVE-2011-0013</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013" rel="nofollow">CVE-2011-0013</a>
 </p>
 
     <p>The HTML Manager interface displayed web application provided data, such
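Review bot: severity labels are capitalised inconsistently across the adjacent hunks of security-5.html (`<strong>Low: Information disclosure</strong>` in the previous hunk versus `<strong>low: Cross-site scripting</strong>` here, with `Important:` used further down); these are context lines rather than part of this change, but since the page is already being reflowed it would be a cheap follow-up to normalise them to one form, in xdocs/security-5.xml so that the generated HTML picks it up.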
@@ -463,8 +461,7 @@
   
     <p>
 <strong>low: SecurityManager file permission bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
-       CVE-2010-3718</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718" rel="nofollow">CVE-2010-3718</a>
 </p>
 
     <p>When running under a SecurityManager, access to the file system is
@@ -493,8 +490,7 @@
     <p>
 <strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227">
-       CVE-2010-2227</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227" rel="nofollow">CVE-2010-2227</a>
 </p>
 
     <p>Several flaws in the handling of the 'Transfer-Encoding' header were
@@ -515,8 +511,7 @@
 
     <p>
 <strong>Low: Information disclosure in authentication headers</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157">
-       CVE-2010-1157</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157" rel="nofollow">CVE-2010-1157</a>
 </p>
 
     <p>The <code>WWW-Authenticate</code> HTTP header for BASIC and DIGEST
@@ -573,8 +568,7 @@
   
     <p>
 <strong>Low: Arbitrary file deletion and/or alteration on deploy</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693">
-       CVE-2009-2693</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693" rel="nofollow">CVE-2009-2693</a>
 </p>
 
     <p>When deploying WAR files, the WAR files were not checked for directory
@@ -593,8 +587,7 @@
 
     <p>
 <strong>Low: Insecure partial deploy after failed undeploy</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901">
-       CVE-2009-2901</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901" rel="nofollow">CVE-2009-2901</a>
 </p>
 
     <p>By default, Tomcat automatically deploys any directories placed in a
@@ -617,8 +610,7 @@
     
     <p>
 <strong>Low: Unexpected file deletion in work directory</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902">
-       CVE-2009-2902</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902" rel="nofollow">CVE-2009-2902</a>
 </p>
 
     <p>When deploying WAR files, the WAR file names were not checked for
@@ -638,8 +630,7 @@
 
     <p>
 <strong>Low: Insecure default password</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548">
-       CVE-2009-3548</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548" rel="nofollow">CVE-2009-3548</a>
 </p>
 
     <p>The Windows installer defaults to a blank password for the administrative
@@ -689,8 +680,7 @@
 <blockquote>
     <p>
 <strong>Important: Information Disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515">
-       CVE-2008-5515</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515" rel="nofollow">CVE-2008-5515</a>
 </p>
 
     <p>When using a RequestDispatcher obtained from the Request, the target path
@@ -712,8 +702,7 @@
 
     <p>
 <strong>Important: Denial of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033">
-       CVE-2009-0033</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033" rel="nofollow">CVE-2009-0033</a>
 </p>
 
     <p>If Tomcat receives a request with invalid headers via the Java AJP
@@ -734,8 +723,7 @@
  
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580">
-       CVE-2009-0580</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580" rel="nofollow">CVE-2009-0580</a>
 </p>
 
     <p>Due to insufficient error checking in some authentication classes, Tomcat
@@ -757,8 +745,7 @@
        
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781">
-       CVE-2009-0781</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781" rel="nofollow">CVE-2009-0781</a>
 </p>
 
     <p>The calendar application in the examples web application contains an
@@ -776,8 +763,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783">
-       CVE-2009-0783</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783" rel="nofollow">CVE-2009-0783</a>
 </p>
 
     <p>Bugs <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=29936">
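Review bot: the Bugzilla anchor on the last context line of this hunk, the one starting <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=29936">, did not receive rel="nofollow" while the CVE link a few lines above it did. If the intent is nofollow on every outbound link this is a miss; if the rule is nofollow only for non-ASF hosts, that rule is not stated anywhere in the change and is worth recording in the log so later edits stay consistent.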
@@ -834,8 +820,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
-       CVE-2008-1232</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232" rel="nofollow">CVE-2008-1232</a>
 </p>
 
     <p>The message argument of HttpServletResponse.sendError() call is not only
@@ -857,8 +842,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
-       CVE-2008-1947</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947" rel="nofollow">CVE-2008-1947</a>
 </p>
 
     <p>The Host Manager web application did not escape user provided data before
@@ -878,8 +862,7 @@
     
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
-       CVE-2008-2370</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370" rel="nofollow">CVE-2008-2370</a>
 </p>
 
     <p>When using a RequestDispatcher the target path was normalised before the 
@@ -931,21 +914,18 @@
 <blockquote>
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333">
-       CVE-2007-5333</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333" rel="nofollow">CVE-2007-5333</a>
 </p>
 
     <p>The previous fix for
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a> was incomplete. It did not consider the use of quotes
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a> was incomplete. It did not consider the use of quotes
        or %5C within a cookie value.</p>
 
     <p>Affects: 5.5.0-5.5.25</p>
 
     <p>
 <strong>low: Elevated privileges</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342">
-       CVE-2007-5342</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342" rel="nofollow">CVE-2007-5342</a>
 </p>
 
     <p>The JULI logging component allows web applications to provide their own
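Review bot: the joined line ending in "CVE-2007-3385</a> was incomplete. It did not consider the use of quotes" runs to roughly 150 characters, which works against the "line lengths" part of the log message; if the generated HTML is meant to stay readable, break after </a> and keep the prose on its own line. Dropping the newline and indentation that used to sit inside the anchor is the right call, as it stops the link text rendering with leading whitespace.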
@@ -958,8 +938,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461">
-       CVE-2007-5461</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461" rel="nofollow">CVE-2007-5461</a>
 </p>
 
     <p>When Tomcat's WebDAV servlet is configured for use with a context and
@@ -971,8 +950,7 @@
 
     <p>
 <strong>important: Data integrity</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286">
-       CVE-2007-6286</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286" rel="nofollow">CVE-2007-6286</a>
 </p>
 
     <p>When using the native (APR based) connector, connecting to the SSL port
@@ -1014,8 +992,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449">
-       CVE-2007-2449</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449" rel="nofollow">CVE-2007-2449</a>
 </p>
 
     <p>JSPs within the examples web application did not escape user provided
@@ -1030,8 +1007,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450">
-       CVE-2007-2450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450" rel="nofollow">CVE-2007-2450</a>
 </p>
 
     <p>The Manager and Host Manager web applications did not escape user
@@ -1044,8 +1020,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382">
-       CVE-2007-3382</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382" rel="nofollow">CVE-2007-3382</a>
 </p>
 
     <p>Tomcat incorrectly treated a single quote character (') in a cookie
@@ -1056,8 +1031,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a>
 </p>
 
     <p>Tomcat incorrectly handled the character sequence \" in a cookie value.
@@ -1068,8 +1042,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386">
-       CVE-2007-3386</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386" rel="nofollow">CVE-2007-3386</a>
 </p>
 
     <p>The Host Manager Servlet did not filter user supplied data before
@@ -1111,8 +1084,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355">
-       CVE-2007-1355</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355" rel="nofollow">CVE-2007-1355</a>
 </p>
 
     <p>The JSP and Servlet included in the sample application within the Tomcat
@@ -1156,8 +1128,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090">
-       CVE-2005-2090</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090" rel="nofollow">CVE-2005-2090</a>
 </p>
 
     <p>Requests with multiple content-length headers should be rejected as
@@ -1206,14 +1177,12 @@
 <blockquote>
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450">
-       CVE-2007-0450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450" rel="nofollow">CVE-2007-0450</a>
 </p>
 
     <p>The fix for this issue was insufficient. A fix was also required in the
        JK connector module for httpd. See 
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860">
-       CVE-2007-1860</a> for further information.</p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860" rel="nofollow">CVE-2007-1860</a> for further information.</p>
 
     <p>Tomcat permits '\', '%2F' and '%5C' as path delimiters. When Tomcat is used 
        behind a proxy (including, but not limited to, Apache HTTP server with 
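Review bot: the "See CVE-2007-1860 for further information" cross-reference in this hunk points at cve.mitre.org, but the JK connector advisory it refers to is maintained in this site's own security-jk.html, which this same commit also edits. Linking the internal page, with the mitre link kept as a secondary reference, gets readers the fixed mod_jk version instead of a bare CVE summary.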
@@ -1275,8 +1244,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358">
-       CVE-2007-1358</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358" rel="nofollow">CVE-2007-1358</a>
 </p>
 
     <p>Web pages that display the Accept-Language header value sent by the
@@ -1323,8 +1291,7 @@
 <blockquote>
     <p>
 <strong>moderate: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128">
-       CVE-2008-0128</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128" rel="nofollow">CVE-2008-0128</a>
 </p>
 
     <p>When using the SingleSignOn Valve via https the Cookie JSESSIONIDSSO is
@@ -1336,8 +1303,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308">
-       CVE-2008-4308</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308" rel="nofollow">CVE-2008-4308</a>
 </p>
 
     <p>
@@ -1383,8 +1349,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195">
-       CVE-2006-7195</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195" rel="nofollow">CVE-2006-7195</a>
 </p>
 
     <p>The implicit-objects.jsp in the examples webapp displayed a number of
@@ -1426,8 +1391,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858">
-       CVE-2007-1858</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858" rel="nofollow">CVE-2007-1858</a>
 </p>
 
     <p>The default SSL configuration permitted the use of insecure cipher suites
@@ -1469,8 +1433,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196">
-       CVE-2006-7196</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196" rel="nofollow">CVE-2006-7196</a>
 </p>
 
     <p>The calendar application included as part of the JSP examples is
@@ -1507,8 +1470,7 @@
 <blockquote>
     <p>
 <strong>low: Directory listing</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835">
-       CVE-2006-3835</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835" rel="nofollow">CVE-2006-3835</a>
 </p>
 
     <p>This is expected behaviour when directory listings are enabled. The
@@ -1522,8 +1484,7 @@
 
     <p>
 <strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510">
-       CVE-2005-3510</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510" rel="nofollow">CVE-2005-3510</a>
 </p>
 
     <p>The root cause is the relatively expensive calls required to generate
@@ -1565,8 +1526,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
-       CVE-2005-4838</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838" rel="nofollow">CVE-2005-4838</a>
 </p>
 
     <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
@@ -1603,8 +1563,7 @@
 <blockquote>
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271">
-       CVE-2008-3271</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271" rel="nofollow">CVE-2008-3271</a>
 </p>
 
     <p>
@@ -1646,8 +1605,7 @@
 
     <p>
 <strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476">
-       CVE-2010-4476</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476" rel="nofollow">CVE-2010-4476</a>
 </p>
 
     <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
@@ -1668,8 +1626,7 @@
 
     <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
-       CVE-2009-3555</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" rel="nofollow">CVE-2009-3555</a>
 </p>
 
     <p>A vulnerability exists in the TLS protocol that allows an attacker to
@@ -1704,24 +1661,21 @@
 
     <p>
 <strong>JavaMail information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1754">
-       CVE-2005-1754</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1754" rel="nofollow">CVE-2005-1754</a>
 </p>
     <p>The vulnerability described is in the web application deployed on Tomcat
        rather than in Tomcat.</p>
 
     <p>
 <strong>JavaMail information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1753">
-       CVE-2005-1753</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1753" rel="nofollow">CVE-2005-1753</a>
 </p>
     <p>The vulnerability described is in the web application deployed on Tomcat
        rather than in Tomcat.</p>
 
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938">
-       CVE-2008-2938</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938" rel="nofollow">CVE-2008-2938</a>
 </p>
 
     <p>Originally reported as a Tomcat vulnerability the root cause of this
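Review bot: the three entries in this hunk are labelled inconsistently: the two JavaMail items carry no severity prefix and state that the flaw is in the deployed web application rather than in Tomcat, while CVE-2008-2938 keeps an "important: Directory traversal" heading even though its text opens with "Originally reported as a Tomcat vulnerability". A reader skimming headings will take that as an unfixed Tomcat issue; dropping the severity prefix to match the JavaMail entries, or labelling all three the same way, would make the section read consistently.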

Modified: tomcat/site/trunk/docs/security-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Wed Jul 13 10:57:59 2011
@@ -329,8 +329,7 @@
 
     <p>
 <strong>Low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204">
-       CVE-2011-2204</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204" rel="nofollow">CVE-2011-2204</a>
 </p>
 
     <p>When using the MemoryUserDatabase (based on tomcat-users.xml) and
@@ -394,8 +393,7 @@
 
     <p>
 <strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
-       CVE-2011-0534</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534" rel="nofollow">CVE-2011-0534</a>
 </p>
 
     <p>The NIO connector expands its buffer endlessly during request line
@@ -446,8 +444,7 @@
   
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
-       CVE-2011-0013</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013" rel="nofollow">CVE-2011-0013</a>
 </p>
 
     <p>The HTML Manager interface displayed web application provided data, such
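Review bot: the severity label on the context line <strong>low: Cross-site scripting</strong> is lower-case while the <strong>Low: Information disclosure</strong> entry earlier in this file is capitalised, and the same file mixes "moderate:" and "Important:". Since docs/ is generated from xdocs/, the casing should be normalised in the xdocs source rather than patched in the HTML, otherwise the next regeneration reintroduces the mix.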
@@ -466,8 +463,7 @@
 
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
-       CVE-2010-4172</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172" rel="nofollow">CVE-2010-4172</a>
 </p>
 
     <p>The Manager application used the user provided parameters sort and
@@ -485,8 +481,7 @@
 
     <p>
 <strong>low: SecurityManager file permission bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
-       CVE-2010-3718</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718" rel="nofollow">CVE-2010-3718</a>
 </p>
 
     <p>When running under a SecurityManager, access to the file system is
@@ -548,8 +543,7 @@
     <p>
 <strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227">
-       CVE-2010-2227</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227" rel="nofollow">CVE-2010-2227</a>
 </p>
 
     <p>Several flaws in the handling of the 'Transfer-Encoding' header were
@@ -578,8 +572,7 @@
          
     <p>
 <strong>Low: Information disclosure in authentication headers</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157">
-       CVE-2010-1157</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157" rel="nofollow">CVE-2010-1157</a>
 </p>
 
     <p>The <code>WWW-Authenticate</code> HTTP header for BASIC and DIGEST
@@ -643,8 +636,7 @@
        
     <p>
 <strong>Low: Arbitrary file deletion and/or alteration on deploy</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693">
-       CVE-2009-2693</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693" rel="nofollow">CVE-2009-2693</a>
 </p>
 
     <p>When deploying WAR files, the WAR files were not checked for directory
@@ -663,8 +655,7 @@
 
     <p>
 <strong>Low: Insecure partial deploy after failed undeploy</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901">
-       CVE-2009-2901</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901" rel="nofollow">CVE-2009-2901</a>
 </p>
 
     <p>By default, Tomcat automatically deploys any directories placed in a
@@ -687,8 +678,7 @@
     
     <p>
 <strong>Low: Unexpected file deletion in work directory</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902">
-       CVE-2009-2902</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902" rel="nofollow">CVE-2009-2902</a>
 </p>
 
     <p>When deploying WAR files, the WAR file names were not checked for
@@ -708,8 +698,7 @@
     
     <p>
 <strong>Low: Insecure default password</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548">
-       CVE-2009-3548</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548" rel="nofollow">CVE-2009-3548</a>
 </p>
 
     <p>The Windows installer defaults to a blank password for the administrative
@@ -767,8 +756,7 @@
 
     <p>
 <strong>Important: Information Disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515">
-       CVE-2008-5515</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515" rel="nofollow">CVE-2008-5515</a>
 </p>
 
     <p>When using a RequestDispatcher obtained from the Request, the target path
@@ -788,8 +776,7 @@
 
     <p>
 <strong>Important: Denial of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033">
-       CVE-2009-0033</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033" rel="nofollow">CVE-2009-0033</a>
 </p>
 
     <p>If Tomcat receives a request with invalid headers via the Java AJP
@@ -810,8 +797,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580">
-       CVE-2009-0580</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580" rel="nofollow">CVE-2009-0580</a>
 </p>
 
     <p>Due to insufficient error checking in some authentication classes, Tomcat
@@ -830,8 +816,7 @@
        
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781">
-       CVE-2009-0781</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781" rel="nofollow">CVE-2009-0781</a>
 </p>
 
     <p>The calendar application in the examples web application contains an
@@ -849,8 +834,7 @@
 
     <p>
 <strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783">
-       CVE-2009-0783</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783" rel="nofollow">CVE-2009-0783</a>
 </p>
 
     <p>Bugs <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=29936">
@@ -914,8 +898,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
-       CVE-2008-1232</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232" rel="nofollow">CVE-2008-1232</a>
 </p>
 
     <p>The message argument of HttpServletResponse.sendError() call is not only
@@ -936,8 +919,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
-       CVE-2008-1947</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947" rel="nofollow">CVE-2008-1947</a>
 </p>
 
     <p>The Host Manager web application did not escape user provided data before
@@ -957,8 +939,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
-       CVE-2008-2370</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370" rel="nofollow">CVE-2008-2370</a>
 </p>
 
     <p>When using a RequestDispatcher the target path was normalised before the 
@@ -1010,21 +991,18 @@
 <blockquote>
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333">
-       CVE-2007-5333</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333" rel="nofollow">CVE-2007-5333</a>
 </p>
 
     <p>The previous fix for
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a> was incomplete. It did not consider the use of quotes
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a> was incomplete. It did not consider the use of quotes
        or %5C within a cookie value.</p>
 
     <p>Affects: 6.0.0-6.0.14</p>
 
     <p>
 <strong>low: Elevated privileges</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342">
-       CVE-2007-5342</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342" rel="nofollow">CVE-2007-5342</a>
 </p>
 
     <p>The JULI logging component allows web applications to provide their own
@@ -1037,8 +1015,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461">
-       CVE-2007-5461</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461" rel="nofollow">CVE-2007-5461</a>
 </p>
 
     <p>When Tomcat's WebDAV servlet is configured for use with a context and
@@ -1050,8 +1027,7 @@
 
     <p>
 <strong>important: Data integrity</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286">
-       CVE-2007-6286</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286" rel="nofollow">CVE-2007-6286</a>
 </p>
 
     <p>When using the native (APR based) connector, connecting to the SSL port
@@ -1062,8 +1038,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002">
-       CVE-2008-0002</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002" rel="nofollow">CVE-2008-0002</a>
 </p>
 
     <p>If an exception occurs during the processing of parameters (eg if the
@@ -1107,8 +1082,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449">
-       CVE-2007-2449</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449" rel="nofollow">CVE-2007-2449</a>
 </p>
 
     <p>JSPs within the examples web application did not escape user provided
@@ -1123,8 +1097,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450">
-       CVE-2007-2450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450" rel="nofollow">CVE-2007-2450</a>
 </p>
 
     <p>The Manager and Host Manager web applications did not escape user
@@ -1137,8 +1110,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382">
-       CVE-2007-3382</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382" rel="nofollow">CVE-2007-3382</a>
 </p>
 
     <p>Tomcat incorrectly treated a single quote character (') in a cookie
@@ -1149,8 +1121,7 @@
 
     <p>
 <strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" rel="nofollow">CVE-2007-3385</a>
 </p>
 
     <p>Tomcat incorrectly handled the character sequence \" in a cookie value.
@@ -1161,8 +1132,7 @@
 
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386">
-       CVE-2007-3386</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386" rel="nofollow">CVE-2007-3386</a>
 </p>
 
     <p>The Host Manager Servlet did not filter user supplied data before
@@ -1204,8 +1174,7 @@
 <blockquote>
     <p>
 <strong>moderate: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355">
-       CVE-2007-1355</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355" rel="nofollow">CVE-2007-1355</a>
 </p>
 
     <p>The JSP and Servlet included in the sample application within the Tomcat
@@ -1217,8 +1186,7 @@
 
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090">
-       CVE-2005-2090</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090" rel="nofollow">CVE-2005-2090</a>
 </p>
 
     <p>Requests with multiple content-length headers should be rejected as
@@ -1267,8 +1235,7 @@
 <blockquote>
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450">
-       CVE-2007-0450</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450" rel="nofollow">CVE-2007-0450</a>
 </p>
 
     <p>Tomcat permits '\', '%2F' and '%5C' as path delimiters. When Tomcat is used 
@@ -1331,8 +1298,7 @@
 <blockquote>
     <p>
 <strong>moderate: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128">
-       CVE-2008-0128</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128" rel="nofollow">CVE-2008-0128</a>
 </p>
 
     <p>When using the SingleSignOn Valve via https the Cookie JSESSIONIDSSO is
@@ -1375,8 +1341,7 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358">
-       CVE-2007-1358</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358" rel="nofollow">CVE-2007-1358</a>
 </p>
 
     <p>Web pages that display the Accept-Language header value sent by the
@@ -1419,8 +1384,7 @@
 
     <p>
 <strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476">
-       CVE-2010-4476</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476" rel="nofollow">CVE-2010-4476</a>
 </p>
 
     <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
@@ -1441,8 +1405,7 @@
 
     <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
-       CVE-2009-3555</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" rel="nofollow">CVE-2009-3555</a>
 </p>
 
     <p>A vulnerability exists in the TLS protocol that allows an attacker to
@@ -1479,8 +1442,7 @@
        
     <p>
 <strong>important: Directory traversal</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938">
-       CVE-2008-2938</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938" rel="nofollow">CVE-2008-2938</a>
 </p>
 
     <p>Originally reported as a Tomcat vulnerability the root cause of this

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Wed Jul 13 10:57:59 2011
@@ -312,8 +312,7 @@
 
     <p>
 <strong>Low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204">
-       CVE-2011-2204</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204" rel="nofollow">CVE-2011-2204</a>
 </p>
 
     <p>When using the MemoryUserDatabase (based on tomcat-users.xml) and
@@ -364,8 +363,7 @@
 
     <p>
 <strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582">
-       CVE-2011-1582</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582" rel="nofollow">CVE-2011-1582</a>
 </p>
 
     <p>An error in the fixes for CVE-2011-1088/CVE-2011-1183 meant that security
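Review bot: the context line "An error in the fixes for CVE-2011-1088/CVE-2011-1183 meant that security" names two CVEs as plain text with no anchor, whereas the equivalent cross-reference to CVE-2007-3385 in the older entries is a hyperlink; the CVE-2011-1183 entry further down in this file has the same unlinked mention of CVE-2011-1088. Linking them, with the same rel="nofollow" treatment this commit applies elsewhere, keeps cross-references navigable and consistent.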
@@ -411,8 +409,7 @@
 
     <p>
 <strong>Important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475">
-       CVE-2011-1475</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475" rel="nofollow">CVE-2011-1475</a>
 </p>
 
     <p>Changes introduced to the HTTP BIO connector to support Servlet 3.0
@@ -437,8 +434,7 @@
 
     <p>
 <strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183">
-       CVE-2011-1183</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183" rel="nofollow">CVE-2011-1183</a>
 </p>
 
     <p>A regression in the fix for CVE-2011-1088 meant that security constraints
@@ -484,8 +480,7 @@
 
     <p>
 <strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088">
-       CVE-2011-1088</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088" rel="nofollow">CVE-2011-1088</a>
 </p>
 
     <p>When a web application was started, <code>ServletSecurity</code>
@@ -546,8 +541,7 @@
 
     <p>
 <strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
-       CVE-2011-0534</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534" rel="nofollow">CVE-2011-0534</a>
 </p>
 
     <p>The NIO connector expands its buffer endlessly during request line
@@ -593,8 +587,7 @@
   
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
-       CVE-2011-0013</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013" rel="nofollow">CVE-2011-0013</a>
 </p>
 
     <p>The HTML Manager interface displayed web application provided data, such
@@ -641,8 +634,7 @@
   
     <p>
 <strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
-       CVE-2010-4172</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172" rel="nofollow">CVE-2010-4172</a>
 </p>
 
     <p>The Manager application used the user provided parameters sort and
@@ -689,8 +681,7 @@
 
     <p>
 <strong>low: SecurityManager file permission bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
-       CVE-2010-3718</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718" rel="nofollow">CVE-2010-3718</a>
 </p>
 
     <p>When running under a SecurityManager, access to the file system is
@@ -755,8 +746,7 @@
     <p>
 <strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227">
-       CVE-2010-2227</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227" rel="nofollow">CVE-2010-2227</a>
 </p>
 
     <p>Several flaws in the handling of the 'Transfer-Encoding' header were
@@ -805,8 +795,7 @@
   
     <p>
 <strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476">
-       CVE-2010-4476</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476" rel="nofollow">CVE-2010-4476</a>
 </p>
 
     <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
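Review bot: the context line 'A JVM bug could cause Double conversion to hang JVM when accessing to a' is ungrammatical; 'hang the JVM when accessing a' is the intended reading. The hunk already touches this entry's heading, so the wording fix could ride along in the xdocs source rather than in this generated HTML.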
@@ -827,8 +816,7 @@
 
     <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
-       CVE-2009-3555</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" rel="nofollow">CVE-2009-3555</a>
 </p>
 
     <p>A vulnerability exists in the TLS protocol that allows an attacker to

Modified: tomcat/site/trunk/docs/security-jk.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-jk.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-jk.html (original)
+++ tomcat/site/trunk/docs/security-jk.html Wed Jul 13 10:57:59 2011
@@ -296,8 +296,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519">
-       CVE-2008-5519</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519" rel="nofollow">CVE-2008-5519</a>
 </p>
 
     <p>Situations where faulty clients set Content-Length without providing
@@ -342,13 +341,11 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860">
-       CVE-2007-1860</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860" rel="nofollow">CVE-2007-1860</a>
 </p>
 
     <p>The issue is related to
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450">
-       CVE-2007-0450</a>, the patch for which was insufficient.</p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450" rel="nofollow">CVE-2007-0450</a>, the patch for which was insufficient.</p>
 
     <p>When multiple components (firewalls, caches, proxies and Tomcat)
        process a request, the request URL should not get decoded multiple times
@@ -407,8 +404,7 @@
 <blockquote>
     <p>
 <strong>critical: Arbitrary code execution and denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774">
-       CVE-2007-0774</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774" rel="nofollow">CVE-2007-0774</a>
 </p>
 
     <p>An unsafe memory copy in the URI handler for the native JK connector
@@ -447,8 +443,7 @@
 <blockquote>
     <p>
 <strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7197">
-       CVE-2006-7197</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7197" rel="nofollow">CVE-2006-7197</a>
 </p>
 
     <p>The Tomcat AJP connector contained a bug that sometimes set a too long

Modified: tomcat/site/trunk/docs/security-native.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-native.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-native.html (original)
+++ tomcat/site/trunk/docs/security-native.html Wed Jul 13 10:57:59 2011
@@ -287,8 +287,7 @@
 <blockquote>
     <p>
 <strong>TLS SSL Man In The Middle</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
-       CVE-2009-3555</a>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" rel="nofollow">CVE-2009-3555</a>
 </p>
 
     <p>A vulnerability exists in the TLS protocol that allows an attacker to

Modified: tomcat/site/trunk/docs/security.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security.html (original)
+++ tomcat/site/trunk/docs/security.html Wed Jul 13 10:57:59 2011
@@ -244,8 +244,8 @@
           Vulnerabilities</a>
 </li>
       <li>
-<a href="security-native.html">Apache Tomcat APR/native Connector Security
-          Vulnerabilities</a>
+<a href="security-native.html">Apache Tomcat APR/native Connector
+          Security Vulnerabilities</a>
 </li>
     </ul>
 
@@ -294,7 +294,8 @@
        </p>
 
     <p>We strongly encourage folks to report such problems to our private
-       security mailing list first, before disclosing them in a public forum.</p>
+       security mailing list first, before disclosing them in a public forum.
+       </p>
 
     <p>
 <strong>Please note that the security mailing list should only be used

Modified: tomcat/site/trunk/docs/whoweare.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whoweare.html?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/docs/whoweare.html (original)
+++ tomcat/site/trunk/docs/whoweare.html Wed Jul 13 10:57:59 2011
@@ -234,7 +234,8 @@ The following is a list of the Apache To
 short bios for some of them.</p>
 
 <p>
-A complete list of all the Apache Committers is <a href="http://www.apache.org/~jim/committers.html">also available</a>.
+A complete list of all the Apache Committers is
+<a href="http://www.apache.org/~jim/committers.html">also available</a>.
 (It's a long list, so please be patient.)
 </p>
 

Modified: tomcat/site/trunk/xdocs/security-3.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-3.xml?rev=1145952&r1=1145951&r2=1145952&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-3.xml (original)
+++ tomcat/site/trunk/xdocs/security-3.xml Wed Jul 13 10:57:59 2011
@@ -32,8 +32,8 @@
 
   <section name="Not fixed in Apache Tomcat 3.x">
     <p><strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808">
-       CVE-2005-0808</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808"
+       rel="nofollow">CVE-2005-0808</a></p>
 
     <p>Tomcat 3.x can be remotely caused to crash or shutdown by a connection
        sending the right sequence of bytes to the AJP12 protocol port (TCP 8007
@@ -44,8 +44,8 @@
     <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.2</p>
 
     <p><strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382">
-       CVE-2007-3382</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382"
+       rel="nofollow">CVE-2007-3382</a></p>
 
     <p>Tomcat incorrectly treated a single quote character (') in a cookie
        value as a delimiter. In some circumstances this lead to the leaking of
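Review bot: 'In some circumstances this lead to the leaking of' in the context lines needs the past tense 'led', matching 'treated' in the preceding sentence.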
@@ -54,8 +54,8 @@
     <p>Affects: 3.3-3.3.2</p>
 
     <p><strong>low: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384">
-       CVE-2007-3384</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384"
+       rel="nofollow">CVE-2007-3384</a></p>
 
     <p>When reporting error messages, Tomcat does not filter user supplied data
        before display. This enables an XSS attack. A source patch is available
@@ -66,8 +66,8 @@
     <p>Affects: 3.3-3.3.2</p>
 
     <p><strong>low: Session hi-jacking</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385">
-       CVE-2007-3385</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385"
+       rel="nofollow">CVE-2007-3385</a></p>
 
     <p>Tomcat incorrectly handled the character sequence \" in a cookie value.
        In some circumstances this lead to the leaking of information such as
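Review bot: same tense slip as in the CVE-2007-3382 entry above: 'this lead to the leaking of' should read 'this led to the leaking of'.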
@@ -79,8 +79,8 @@
 
   <section name="Fixed in Apache Tomcat 3.3.2">
     <p><strong>moderate: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044">
-       CVE-2003-0044</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044"
+       rel="nofollow">CVE-2003-0044</a></p>
 
     <p>The root web application and the examples web application contained a
        number a cross-site scripting vulnerabilities. Note that is it
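Review bot: the context lines 'contained a number a cross-site scripting vulnerabilities. Note that is it' carry two slips: 'a number a' should be 'a number of', and 'is it' should be 'it is'. Worth fixing while this paragraph is being touched.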
@@ -92,8 +92,8 @@
 
   <section name="Fixed in Apache Tomcat 3.3.1a">
     <p><strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043">
-       CVE-2003-0043</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043"
+       rel="nofollow">CVE-2003-0043</a></p>
 
     <p>When used with JDK 1.3.1 or earlier, web.xml files were read with
        trusted privileges enabling files outside of the web application to be
@@ -102,8 +102,8 @@
     <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1</p>
 
     <p><strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042">
-       CVE-2003-0042</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042"
+       rel="nofollow">CVE-2003-0042</a></p>
 
     <p>URLs containing null characters could result in file contents being
        returned or a directory listing being returned even when a welcome file
@@ -114,8 +114,8 @@
 
   <section name="Fixed in Apache Tomcat 3.3.1">
     <p><strong>important: Denial of service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045">
-       CVE-2003-0045</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045"
+       rel="nofollow">CVE-2003-0045</a></p>
 
     <p>JSP page names that match a Windows DOS device name, such as aux.jsp, may
        cause the thread processing the request to become unresponsive. A
@@ -127,8 +127,8 @@
 
   <section name="Fixed in Apache Tomcat 3.3a">
     <p><strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007">
-       CVE-2002-2007</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007"
+       rel="nofollow">CVE-2002-2007</a></p>
 
     <p>Non-standard requests to the sample applications installed by default
        could result in unexpected directory listings or disclosure of the full
@@ -137,10 +137,10 @@
     <p>Affects: 3.2.3-3.2.4</p>
 
     <p><strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006">
-       CVE-2002-2006</a>,
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760">
-       CVE-2000-0760</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006"
+       rel="nofollow">CVE-2002-2006</a>,
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760"
+       rel="nofollow">CVE-2000-0760</a></p>
 
     <p>The snoop servlet installed as part of the examples includes output that
        identifies the Tomcat installation path. There are no plans to issue a an
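Review bot: 'There are no plans to issue a an' in the context line has a doubled article; drop the 'a'.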
@@ -151,8 +151,8 @@
 
   <section name="Fixed in Apache Tomcat 3.2.4">
     <p><strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563">
-       CVE-2001-1563</a><br/></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563"
+       rel="nofollow">CVE-2001-1563</a><br/></p>
 
     <p>No specifics are provided in the vulnerability report. This may be a
        summary of other issues reported against 3.2.x</p>
@@ -162,8 +162,8 @@
 
   <section name="Fixed in Apache Tomcat 3.2.2">
     <p><strong>moderate: Cross site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829">
-       CVE-2001-0829</a></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829"
+       rel="nofollow">CVE-2001-0829</a></p>
 
     <p>The default 404 error page does not escape URLs. This allows XSS
        attacks using specially crafted URLs.</p>
@@ -171,8 +171,8 @@
     <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1</p>
 
     <p><strong>moderate: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590">
-       CVE-2001-0590</a><br/></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590"
+       rel="nofollow">CVE-2001-0590</a><br/></p>
 
     <p>A specially crafted URL can be used to obtain the source for JSPs.</p>
 
@@ -181,8 +181,8 @@
 
   <section name="Fixed in Apache Tomcat 3.2">
     <p><strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759">
-       CVE-2000-0759</a><br/></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759"
+       rel="nofollow">CVE-2000-0759</a><br/></p>
 
     <p>Requesting a JSP that does not exist results in an error page that
        includes the full file system page of the current context.</p>
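Review bot: 'includes the full file system page of the current context' reads as a typo for 'path', which is what an error page disclosing the context's location would actually contain; please confirm against the original advisory text before changing it.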
@@ -190,8 +190,8 @@
     <p>Affects: 3.1</p>
 
     <p><strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672">
-       CVE-2000-0672</a><br/></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672"
+       rel="nofollow">CVE-2000-0672</a><br/></p>
 
     <p>Access to the admin context is not protected. This context allows an
        attacker to mount an arbitary file system path as a context. Any files
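Review bot: 'arbitary' in the context line 'attacker to mount an arbitary file system path as a context' should be 'arbitrary'.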
@@ -203,8 +203,8 @@
 
   <section name="Fixed in Apache Tomcat 3.1">
     <p><strong>important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210">
-       CVE-2000-1210</a><br/></p>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210"
+       rel="nofollow">CVE-2000-1210</a><br/></p>
 
     <p>source.jsp, provided as part of the examples, allows an attacker to read
        arbitrary files via a .. (dot dot) in the argument to source.jsp.</p>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org