type: security
subject: Updated tomcat6 packages fix multiple vulnerabilities and logging
CVE:
 - CVE-2012-3544
 - CVE-2013-1571
 - CVE-2013-1976
 - CVE-2013-2067
src:
  3:
   core:
     - tomcat6-6.0.39-1.1.mga3
description: |
  Updated tomcat6 packages fix security vulnerabilities:

  It was discovered that Tomcat incorrectly handled certain requests
  submitted using chunked transfer encoding. A remote attacker could use this
  flaw to cause the Tomcat server to stop responding, resulting in a denial
  of service (CVE-2012-3544).

  A frame injection in the Javadoc component in Oracle Java SE 7 Update 21
  and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier;
  JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect
  integrity via unknown vectors related to Javadoc (CVE-2013-1571).

  A flaw was found in the way the tomcat6 init script handled the
  tomcat6-initd.log log file. A malicious web application deployed on Tomcat
  could use this flaw to perform a symbolic link attack to change the
  ownership of an arbitrary system file to that of the tomcat user, allowing
  it to escalate its privileges to root (CVE-2013-1976).

  It was discovered that Tomcat incorrectly handled certain authentication
  requests. A remote attacker could possibly use this flaw to inject a
  request that would get executed with a victim's credentials (CVE-2013-2067).

  Note: With this update, tomcat6-initd.log has been moved from
  /var/log/tomcat6/ to the /var/log/ directory.
references:
 - http://www.ubuntu.com/usn/usn-1841-1/
 - https://rhn.redhat.com/errata/RHSA-2013-0869.html
 - http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39
 - https://bugs.mageia.org/show_bug.cgi?id=10201
ID: MGASA-2014-0082