Advisory Published

RHSA-2007:1069: Moderate: tomcat security update for Red Hat Network Satellite Server

First published: Mon Nov 26 2007

Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies.

It was reported Tomcat did not properly handle the following character sequence in a cookie: \" (a backslash followed by a double-quote). It was possible remote attackers could use this failure to obtain sensitive information, such as session IDs, for session hijacking attacks (CVE-2007-3385).

Tomcat was found treating single quote characters -- ' -- as delimiters in cookies. This could allow remote attackers to obtain sensitive information, such as session IDs, for session hijacking attacks (CVE-2007-3382).

The default Tomcat configuration permitted the use of insecure SSL cipher suites including the anonymous cipher suite. (CVE-2007-1858)

Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450)

Directory listings were enabled by default in Tomcat. Information stored unprotected under the document root was visible to anyone if the administrator did not disable directory listings. (CVE-2006-3835)

It was found that generating listings of large directories was CPU intensive. An attacker could make repeated requests to obtain a directory listing of any large directory, leading to a denial of service. (CVE-2005-3510)

Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090)

Users should upgrade to these erratum packages which contain an update to Tomcat that resolves these issues, and add the tyrex and jakarta-commons-pool packages which are required dependencies of the new Tomcat version.
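As an added example (not Red Hat's or Tomcat's own code), the Python below models the two parsing rules whose absence the cookie CVEs (CVE-2007-3385, CVE-2007-3382) and the Content-Length CVE (CVE-2005-2090) describe: a Cookie-header parser that honours backslash escapes inside a quoted value and treats a single quote as an ordinary character, and a Content-Length check that rejects a request carrying conflicting values instead of silently picking one. The quoted-string rules follow RFC 2109 / RFC 2616; the header strings are constructed sample input, and the function names are this example's own.

```python
"""Defensive header parsing for the cookie and Content-Length issues above.

Added example; not Red Hat's or Tomcat's code. The sample headers in the
demo are constructed for this example.
"""
from typing import Dict, List, Optional, Tuple


def _read_quoted(header: str, pos: int) -> Tuple[str, int]:
    """Read a quoted-string whose opening '"' is at header[pos].

    A backslash escapes the next character, so an embedded \\" does NOT end
    the value (the CVE-2007-3385 failure mode). Returns the unescaped value
    and the index just past the closing quote; raises if never closed.
    """
    assert header[pos] == '"'
    out: List[str] = []
    i = pos + 1
    while i < len(header):
        ch = header[i]
        if ch == "\\" and i + 1 < len(header):
            out.append(header[i + 1])  # keep the escaped character literally
            i += 2
            continue
        if ch == '"':
            return "".join(out), i + 1
        out.append(ch)
        i += 1
    raise ValueError("unterminated quoted cookie value")


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Parse a Cookie request header into {name: value}.

    Only ';' and ',' separate cookies; a single quote is never a delimiter
    (CVE-2007-3382). RFC 2109 attributes such as $Version are dropped.
    """
    cookies: Dict[str, str] = {}
    i, n = 0, len(header)
    while i < n:
        while i < n and header[i] in " \t;,":  # skip separators
            i += 1
        if i >= n:
            break
        start = i
        while i < n and header[i] not in "=;,":
            i += 1
        name = header[start:i].strip()
        if i >= n or header[i] != "=":
            continue  # bare token without a value: ignore it
        i += 1
        while i < n and header[i] in " \t":
            i += 1
        if i < n and header[i] == '"':
            value, i = _read_quoted(header, i)
        else:
            start = i
            while i < n and header[i] not in ";,":
                i += 1
            value = header[start:i].strip()
        if name and not name.startswith("$"):
            cookies[name] = value
    return cookies


def check_content_length(headers: List[Tuple[str, str]]) -> Optional[int]:
    """Return the single Content-Length value, None if absent.

    Repeated or comma-joined Content-Length headers that disagree are
    rejected rather than resolved by "first wins" or "last wins": that
    ambiguity is what lets a proxy, cache or WAF see a different request
    body than the servlet container (CVE-2005-2090). Identical duplicates
    are tolerated here; a stricter policy may reject any duplication.
    """
    values = set()
    for name, value in headers:
        if name.lower() != "content-length":
            continue
        for part in value.split(","):
            part = part.strip()
            if not (part.isascii() and part.isdigit()):
                raise ValueError(f"non-numeric Content-Length: {part!r}")
            values.add(int(part))
    if not values:
        return None
    if len(values) > 1:
        raise ValueError(f"conflicting Content-Length values: {sorted(values)}")
    return values.pop()


if __name__ == "__main__":
    # Constructed sample headers for the demo.
    print(parse_cookie_header('name="a\\"b"; JSESSIONID=ABC123'))
    print(parse_cookie_header("quote=it's; JSESSIONID=ABC123"))
    print(check_content_length([("Host", "example.com"), ("Content-Length", "10")]))
    try:
        check_content_length([("Content-Length", "10"), ("Content-Length", "0")])
    except ValueError as exc:
        print("rejected:", exc)
```

The point of the model is that a cookie value such as `a\"b` stays inside one cookie instead of prematurely closing the quoted value and letting the remainder of the header be reinterpreted, and that a request with two differing Content-Length headers is refused outright.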

Affected Software    Affected Version    How to fix
Red Hat Satellite
Tomcat


Frequently Asked Questions

  • What is the severity of RHSA-2007:1069?

    The severity of RHSA-2007:1069 is classified as important due to potential remote code execution.

  • How do I fix RHSA-2007:1069?

    To fix RHSA-2007:1069, update Tomcat to the latest version as specified in the security advisory.

  • What vulnerabilities are addressed by RHSA-2007:1069?

    RHSA-2007:1069 addresses the improper handling of special characters in cookies, which could lead to security issues.

  • Which versions of Tomcat are affected by RHSA-2007:1069?

    RHSA-2007:1069 affects specific versions of Tomcat prior to the security update.

  • Is remote access required to exploit RHSA-2007:1069?

    Yes, remote access is required for an attacker to exploit the vulnerability addressed in RHSA-2007:1069.
