SecurityTracker.com
Category:   Application (Web Server/CGI)  >   Apache Tomcat Vendors:   Apache Software Foundation
Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
SecurityTracker Alert ID:  1032330
SecurityTracker URL:  http://securitytracker.com/id/1032330
CVE Reference:   CVE-2014-7810
Date:  May 14 2015
Impact:   Disclosure of system information, Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.0.0 to 6.0.43, 7.0.0 to 7.0.57, 8.0.0-RC1 to 8.0.15
Description:   A vulnerability was reported in Apache Tomcat. A remote user can bypass security controls on the target system.

On systems that run web applications from untrusted sources, a web application can use specially crafted expression language to bypass Security Manager protections and access the interfaces of some classes.

Impact:   A remote user can bypass Security Manager protections and access the interfaces of some classes.
Solution:   The vendor has issued a fix (6.0.44, 7.0.59, 8.0.17).

The vendor's advisory is available at:

http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17

Vendor URL:  tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17
Cause:   Not specified
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 30 2015 (Blue Coat Systems Issues Fix for Blue Coat Director) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Blue Coat Systems has issued a fix for Blue Coat Director.
Jul 30 2015 (Blue Coat Systems Issues Advisory for Blue Coat IntelligenceCenter) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Blue Coat Systems has issued an advisory for Blue Coat IntelligenceCenter 3.2 and 3.3.
Aug 14 2015 (Red Hat Issues Fix for JBoss) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Red Hat has issued a fix for JBoss for Red Hat Enterprise Linux 5, 6, and 7.
Mar 23 2016 (Red Hat Issues Fix) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Mar 24 2016 (Oracle Issues Fix for Oracle Linux) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Oracle has issued a fix for Oracle Linux 6.
Mar 24 2016 (CentOS Issues Fix) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
CentOS has issued a fix for CentOS 6.
Apr 5 2016 (HPE Issues Fix) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
HPE has issued a fix for HP-UX 11.31.
Nov 4 2016 (Red Hat Issues Fix) Apache Tomcat Security Manager Can Be Bypassed By Remote Users in Certain Cases
Red Hat has issued a fix for Red Hat Enterprise Linux 7.



 Source Message Contents

Subject:  [SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2014-7810 Security Manager Bypass

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
- Apache Tomcat 8.0.0-RC1 to 8.0.15
- Apache Tomcat 7.0.0 to 7.0.57
- Apache Tomcat 6.0.0 to 6.0.43

Description:
Malicious web applications could use expression language to bypass the
protections of a Security Manager as expressions were evaluated within
a privileged code section.
This issue only affects installations that run web applications from
untrusted sources.

Mitigation:
Users of affected versions should apply one of the following mitigations:
- Upgrade to Apache Tomcat 8.0.17 or later
  (8.0.16 has the fix but was not released)
- Upgrade to Apache Tomcat 7.0.59 or later
  (7.0.58 has the fix but was not released)
- Upgrade to Apache Tomcat 6.0.44 or later


Credit:
This issue was discovered by the Apache Tomcat security team.

References:
[1] http://tomcat.apache.org/security-8.html
[2] http://tomcat.apache.org/security-7.html
[3] http://tomcat.apache.org/security-6.html
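As an added example (not part of the advisory or of the Tomcat project's code), the affected ranges and fixed releases stated above turned into an inventory check: it parses Tomcat version banners, handles the release-candidate form 8.0.0-RC1 and the unreleased 7.0.58/8.0.16 builds that already carry the fix, and names the first released fixed version to move to. The inventory lines are constructed sample input.

```python
import re

# Values from the advisory: the first build of each branch that contains the
# fix (7.0.58 and 8.0.16 were never released) and the first released fix.
FIRST_FIXED_BUILD = {6: (6, 0, 44), 7: (7, 0, 58), 8: (8, 0, 16)}
FIRST_FIXED_RELEASE = {6: "6.0.44", 7: "7.0.59", 8: "8.0.17"}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:-RC(\d+))?", re.IGNORECASE)


def parse_tomcat_version(text):
    """Turn 'Apache Tomcat/8.0.15' or '8.0.0-RC1' into a comparable tuple.
    A release candidate sorts below the final release it precedes:
    8.0.0-RC1 -> (8, 0, 0, 0, 1) < 8.0.0 -> (8, 0, 0, 1, 0)."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no Tomcat version in {text!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch), 0 if rc else 1, int(rc or 0))


def assess_cve_2014_7810(text):
    """Return (affected, advice) for one version banner."""
    v = parse_tomcat_version(text)
    branch = v[0]
    if branch not in FIRST_FIXED_BUILD:
        return (False, "branch not listed in this advisory")
    fixed = FIRST_FIXED_BUILD[branch] + (1, 0)  # final release, not an RC
    if v < fixed:
        return (True, f"upgrade to Apache Tomcat {FIRST_FIXED_RELEASE[branch]} or later")
    return (False, "contains the fix")


# Constructed inventory (hostname, reported banner); not taken from the advisory.
SAMPLE_INVENTORY = """\
app-01 Apache Tomcat/8.0.15
app-02 Apache Tomcat/8.0.0-RC1
app-03 Apache Tomcat/7.0.59
app-04 Apache Tomcat/6.0.43
app-05 Apache Tomcat/9.0.1
"""


def scan_inventory(lines=SAMPLE_INVENTORY):
    """Map each host to its (affected, advice) assessment."""
    results = {}
    for line in lines.splitlines():
        host, _, banner = line.partition(" ")
        if banner:
            results[host] = assess_cve_2014_7810(banner)
    return results


if __name__ == "__main__":
    for host, (affected, advice) in scan_inventory().items():
        print(f"{host}: {'AFFECTED' if affected else 'ok'} ({advice})")
```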




Copyright 2019, SecurityGlobal.net LLC