First published: Mon May 21 2007
Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies.

Tomcat was found to accept multiple Content-Length headers in a request. This could allow attackers to poison a web cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090)

Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450)

Several applications distributed in the JSP examples displayed unfiltered values. If the JSP examples are accessible, these flaws could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195, CVE-2006-7196)

The default Tomcat configuration permitted the use of insecure SSL cipher suites, including the anonymous cipher suite. (CVE-2007-1858)

Directory listings were enabled by default in Tomcat. Information stored unprotected under the document root was visible to anyone if the administrator did not disable directory listings. (CVE-2006-3835)

Users should upgrade to these erratum packages, which contain Tomcat version 5.5.23 and resolve these issues. Updated jakarta-commons-modeler packages are also included; they correct a bug that occurs when they are used with Tomcat 5.5.23.
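The first issue above (CVE-2005-2090) arises when a server tolerates a request whose body length is ambiguous, so that a cache, firewall and servlet container may each frame the body differently. The following is an added example, not Red Hat's or Tomcat's code: a strict front-end check, following RFC 7230 section 3.3.2, that accepts a request only when every Content-Length value present agrees and rejects conflicting or list-valued headers. The sample requests are constructed for the example.

```python
"""Strict Content-Length framing check (added example, not Tomcat code).

Rejects requests whose body length is ambiguous because they carry
conflicting Content-Length headers, instead of letting two components
in the request path pick different values.
"""
from typing import List, Optional, Tuple

Header = Tuple[str, str]


class AmbiguousRequest(ValueError):
    """The request's message framing cannot be determined unambiguously."""


def parse_head(raw: bytes) -> Tuple[str, List[Header]]:
    """Split a raw request head into the request line and (name, value) pairs.

    Names are lower-cased; order and repeats are kept so the caller decides
    how duplicates are treated rather than silently keeping first or last.
    """
    head, _sep, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    request_line, header_lines = lines[0], lines[1:]
    headers: List[Header] = []
    for line in header_lines:
        if ":" not in line:
            raise AmbiguousRequest(f"malformed header line: {line!r}")
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return request_line, headers


def content_length(headers: List[Header]) -> Optional[int]:
    """Return the single agreed Content-Length, or None when absent.

    RFC 7230 section 3.3.2: repeated Content-Length fields are tolerable
    only when every value is identical; differing values, list values
    such as "5, 30", or non-decimal values make the framing invalid.
    """
    values: List[str] = []
    for name, value in headers:
        if name == "content-length":
            # A comma-separated field value counts as several values.
            values.extend(v.strip() for v in value.split(","))
    if not values:
        return None
    if any(not v.isdigit() for v in values):
        raise AmbiguousRequest(f"non-decimal Content-Length: {values}")
    if len(set(values)) != 1:
        raise AmbiguousRequest(f"conflicting Content-Length values: {values}")
    return int(values[0])


def framing_decision(raw: bytes) -> str:
    """Return 'accept' or 'reject: <reason>' for a raw request head."""
    try:
        _line, headers = parse_head(raw)
        content_length(headers)
    except AmbiguousRequest as exc:
        return f"reject: {exc}"
    return "accept"


# Constructed sample requests for this example (not captured traffic).
SINGLE = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
          b"Content-Length: 5\r\n\r\nhello")
IDENTICAL = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
             b"Content-Length: 5\r\nContent-Length: 5\r\n\r\nhello")
CONFLICTING = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
               b"Content-Length: 5\r\nContent-Length: 30\r\n\r\nhello")
LIST_VALUE = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
              b"Content-Length: 5, 30\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in [("single", SINGLE), ("identical", IDENTICAL),
                       ("conflicting", CONFLICTING), ("list", LIST_VALUE)]:
        print(f"{label:12s} {framing_decision(req)}")
```

Identical duplicates are collapsed to one value, which RFC 7230 permits; a stricter deployment can reject any repeat by changing the `len(set(values))` test to `len(values) != 1`. The same check belongs in front of any component that forwards requests to Tomcat, since a single agreed framing is what prevents the cache and the container from seeing different bodies.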