SecurityTracker.com
SecurityTracker Archives

Category:   Application (Web Server/CGI)  >   Apache Tomcat
Vendors:   Apache Software Foundation
(CentOS Issues Fix) Apache Tomcat Default Servlet Error Handling Bug May Let Remote Users Bypass HTTP Method Restrictions on the Target Error Page
SecurityTracker Alert ID:  1039009
SecurityTracker URL:  http://securitytracker.com/id/1039009
CVE Reference:   CVE-2017-5664   (Links to External Site)
Date:  Jul 27 2017
Impact:   Modification of system information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 7.0.0 to 7.0.77, 8.0.0.RC1 to 8.0.43, 8.5.0 to 8.5.14, 9.0.0.M1 to 9.0.0.M20
Description:   A vulnerability was reported in Apache Tomcat. A remote user can bypass security controls on the target system.

The Default Servlet error page mechanism does not properly handle certain HTTP request methods for static error pages. As a result, a remote user may be able to bypass HTTP method restrictions and cause unexpected actions to occur for static error pages, potentially including the deletion or replacement of the target error page.

Aniket Nandkishor Kulkarni from Tata Consultancy Services Ltd, Mumbai, India reported this vulnerability.

Impact:   A remote user may be able to cause a target error page to be deleted or replaced.
Solution:   CentOS has issued a fix.

x86_64:
43294259acd512850715ad15c50e7767bea30b2c123117f5f760eb4ad5d02e0b tomcat-7.0.69-12.el7_3.noarch.rpm
e4605d5673e75ee3592faef8b59d1a2a8efa0da6e3cd8b04064380698586f9a3 tomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm
6330befc3bd1b7ab35b89ceca55174d94f7e0fe9cf2201166e18c399d48a1687 tomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm
d89786225c6c877fc6134d8e45a85b7fc77169de14ffc543b26ab58299a36f6a tomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm
38a4c3e437b1b8d3e4baa175b70a2bdc2681c175c5f7c8d12867100fb9c45134 tomcat-javadoc-7.0.69-12.el7_3.noarch.rpm
2a27c95ad8005bb879140c28deac8f2fac5d85ba225a0abed4ad99956b3231a6 tomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm
dd585fca98f9ff44e927c5820e8731b8604bd23c4c282883ff89501da5476274 tomcat-jsvc-7.0.69-12.el7_3.noarch.rpm
37f28d949569ca81df0b5934ee32116069f912a640e5704d53a6ee521cca4d89 tomcat-lib-7.0.69-12.el7_3.noarch.rpm
726d723713f270e4fb0fed6a2a59c2b224da4e2cf0b2b458a90cf5fcc90331b4 tomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm
84766cc7724a0399ed3e9830ac5803249395cd4ddd5cab2bdb8730e9cca0a2f0 tomcat-webapps-7.0.69-12.el7_3.noarch.rpm

Source:
209cc83cab3a92eaa48d20eb364e982722e639c29f1e3c984e2e03d45fcdbe73 tomcat-7.0.69-12.el7_3.src.rpm
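
The advisory publishes one SHA-256 hash per updated package so that an administrator can confirm a downloaded RPM is the file CentOS actually built before installing it. The script below is an added example (not code from SecurityTracker or the CentOS project) that performs that check against a manifest saved in the advisory's own "sha256sum Filename" layout; the manifest path, RPM directory and the package names used in the comments are assumed inputs, not values from the page. It reports each listed file as OK, MISMATCH or MISSING and fails the run on any mismatch or malformed line.

```shell
#!/bin/sh
# Added example (not from the CentOS advisory or SecurityTracker): verify
# downloaded update RPMs against the "sha256sum Filename" list an advisory
# publishes, before installing them.
#
# Usage: verify_manifest MANIFEST_FILE RPM_DIR
#   MANIFEST_FILE has one "<sha256>  <filename>" entry per line, in the
#   same layout as the advisory's list (section labels such as "x86_64:"
#   and "Source:" and blank lines are skipped). MANIFEST_FILE and RPM_DIR
#   are assumed paths chosen by the operator.
#   Returns 0 only if every listed file that is present matches its hash;
#   files listed but not downloaded are reported and skipped; returns 2 if
#   nothing at all could be checked.

# Pick whichever SHA-256 tool the host provides (GNU coreutils or perl shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

verify_manifest() {
    manifest=$1
    dir=$2
    failed=0
    checked=0
    # Read line by line; the "|| [ -n ... ]" keeps a final line without a newline.
    while IFS= read -r line || [ -n "$line" ]; do
        expected=$(printf '%s\n' "$line" | awk '{print $1}')
        name=$(printf '%s\n' "$line" | awk '{print $2}')
        # Blank lines and section labels ("x86_64:", "Source:") carry no hash.
        case "$expected" in
            ''|*:) continue ;;
        esac
        # Only accept a 64-hex-digit hash column; anything else is malformed
        # and must not be silently treated as a pass.
        if ! printf '%s' "$expected" | grep -Eq '^[0-9a-f]{64}$'; then
            echo "MALFORMED: $line" >&2
            failed=1
            continue
        fi
        path="$dir/$name"
        if [ ! -f "$path" ]; then
            echo "MISSING:  $name (listed but not downloaded)"
            continue
        fi
        actual=$(sha256_of "$path")
        checked=$((checked + 1))
        if [ "$actual" = "$expected" ]; then
            echo "OK:       $name"
        else
            echo "MISMATCH: $name (got $actual)" >&2
            failed=1
        fi
    done < "$manifest"
    if [ "$checked" -eq 0 ]; then
        echo "no listed files found in $dir" >&2
        return 2
    fi
    return $failed
}

# Stand-alone use: ./verify-rpms.sh advisory-hashes.txt ./downloaded-rpms
if [ "$#" -eq 2 ]; then
    verify_manifest "$1" "$2"
fi
```

A non-zero exit is the signal to stop: a MISMATCH means the file on disk is not the package the advisory describes (a corrupted or substituted download), and it should not be fed to `yum`/`rpm` until re-fetched from a trusted mirror and re-verified. Hash checking complements, rather than replaces, the GPG signature check `rpm -K` performs on the package itself.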

Cause:   Access control error, State error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Jun 8 2017 Apache Tomcat Default Servlet Error Handling Bug May Let Remote Users Bypass HTTP Method Restrictions on the Target Error Page



Source Message Contents

Subject:  [CentOS-announce] CESA-2017:1809 Important CentOS 7 tomcat Security Update


CentOS Errata and Security Advisory 2017:1809 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:1809

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
43294259acd512850715ad15c50e7767bea30b2c123117f5f760eb4ad5d02e0b  tomcat-7.0.69-12.el7_3.noarch.rpm
e4605d5673e75ee3592faef8b59d1a2a8efa0da6e3cd8b04064380698586f9a3  tomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm
6330befc3bd1b7ab35b89ceca55174d94f7e0fe9cf2201166e18c399d48a1687  tomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm
d89786225c6c877fc6134d8e45a85b7fc77169de14ffc543b26ab58299a36f6a  tomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm
38a4c3e437b1b8d3e4baa175b70a2bdc2681c175c5f7c8d12867100fb9c45134  tomcat-javadoc-7.0.69-12.el7_3.noarch.rpm
2a27c95ad8005bb879140c28deac8f2fac5d85ba225a0abed4ad99956b3231a6  tomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm
dd585fca98f9ff44e927c5820e8731b8604bd23c4c282883ff89501da5476274  tomcat-jsvc-7.0.69-12.el7_3.noarch.rpm
37f28d949569ca81df0b5934ee32116069f912a640e5704d53a6ee521cca4d89  tomcat-lib-7.0.69-12.el7_3.noarch.rpm
726d723713f270e4fb0fed6a2a59c2b224da4e2cf0b2b458a90cf5fcc90331b4  tomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm
84766cc7724a0399ed3e9830ac5803249395cd4ddd5cab2bdb8730e9cca0a2f0  tomcat-webapps-7.0.69-12.el7_3.noarch.rpm

Source:
209cc83cab3a92eaa48d20eb364e982722e639c29f1e3c984e2e03d45fcdbe73  tomcat-7.0.69-12.el7_3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2017, SecurityGlobal.net LLC