tomcat6-6.0.24-35.AXS4
Errata ID: AXSA:2012-03:01
Release date:
2012/01/04 Wednesday - 13:46
Title:
tomcat6-6.0.24-35.AXS4
Affected channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- The HTTP Digest Access Authentication implementation in Apache Tomcat lacks countermeasures against replay attacks, which allows intended access restrictions to be bypassed. (CVE-2011-1184)
- When the MemoryUserDatabase is used, Apache Tomcat creates log entries containing passwords if an error occurs during JMX user creation, which allows local users to obtain sensitive information by reading the log file. (CVE-2011-2204)
- When sendfile is enabled for the HTTP APR or HTTP NIO connector, Apache Tomcat does not validate certain request attributes, which allows local users to bypass file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application. (CVE-2011-2526)
- Certain AJP protocol connector implementations in Apache Tomcat allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request. (CVE-2011-3190)
The translations of some CVE descriptions are quoted from JVN.
http://jvndb.jvn.jp
Solution:
Update the packages.
CVE:
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
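As an added illustration of the countermeasure this CVE describes as missing (not code from Tomcat or from this advisory): a minimal server-side Digest verifier that, after checking the RFC 2617 response hash, tracks each issued server nonce and the highest nonce-count (nc) accepted for it, so a captured Authorization header replayed verbatim is rejected even though its hash still verifies. The realm, user store, URI, client nonce and timestamps are constructed sample values.

```python
"""Server-side replay guard for HTTP Digest authentication (RFC 2617, qop=auth).

Illustrative code, not Tomcat's: a verifier that checks the response hash and
then enforces per-nonce nonce-count ordering and a nonce lifetime.
"""
import hashlib
import os
import time
from dataclasses import dataclass

REALM = "example"            # constructed realm
USERS = {"alice": "s3cret"}  # constructed sample credential store


def _md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """RFC 2617 response for qop=auth; the same computation client and server perform."""
    ha1 = _md5_hex(f"{user}:{realm}:{password}")
    ha2 = _md5_hex(f"{method}:{uri}")
    return _md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


@dataclass
class NonceState:
    issued_at: float
    last_nc: int = 0  # highest nonce-count accepted for this server nonce


class DigestReplayGuard:
    """Tracks issued server nonces and the nc values accepted for each."""

    def __init__(self, nonce_ttl=300.0):
        self.nonce_ttl = nonce_ttl
        self._nonces = {}  # nonce -> NonceState

    def issue_nonce(self, now=None):
        now = time.time() if now is None else now
        nonce = os.urandom(16).hex()
        self._nonces[nonce] = NonceState(issued_at=now)
        return nonce

    def check(self, nonce, nc_hex, now=None):
        """Return (accepted, reason); state is updated only on acceptance."""
        now = time.time() if now is None else now
        state = self._nonces.get(nonce)
        if state is None:
            return False, "unknown nonce"
        if now - state.issued_at > self.nonce_ttl:
            del self._nonces[nonce]
            return False, "stale nonce"
        try:
            nc = int(nc_hex, 16)
        except ValueError:
            return False, "malformed nc"
        if nc <= state.last_nc:
            return False, "replayed nonce-count"
        state.last_nc = nc
        return True, "ok"


def verify_request(guard, params, method, now=None):
    """params: parsed Authorization fields (username, uri, nonce, nc, cnonce, response)."""
    password = USERS.get(params["username"])
    if password is None:
        return False, "unknown user"
    expected = digest_response(params["username"], REALM, password, method,
                               params["uri"], params["nonce"], params["nc"], params["cnonce"])
    if expected != params["response"]:
        return False, "bad response"
    # Hash verified; now apply the nonce/nc checks that a replayable server omits.
    return guard.check(params["nonce"], params["nc"], now)


def demo():
    """Run a genuine request, a verbatim replay, a follow-up request, a forged nonce and an expired nonce."""
    guard = DigestReplayGuard()
    nonce = guard.issue_nonce(now=1000.0)

    def header(nc):
        cnonce = "0a4f113b"  # constructed client nonce
        return {"username": "alice", "uri": "/app/secret", "nonce": nonce, "nc": nc, "cnonce": cnonce,
                "response": digest_response("alice", REALM, "s3cret", "GET", "/app/secret", nonce, nc, cnonce)}

    first = header("00000001")
    return [
        verify_request(guard, first, "GET", now=1001.0),                      # genuine request
        verify_request(guard, first, "GET", now=1002.0),                      # same header replayed
        verify_request(guard, header("00000002"), "GET", now=1003.0),         # client's next request
        verify_request(guard, dict(first, nonce="deadbeef"), "GET", now=1004.0),  # nonce tampered
        verify_request(guard, header("00000003"), "GET", now=2000.0),         # past nonce lifetime
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The second entry is the point of the example: its response hash is valid, so a verifier that skips the nonce and nc checks would accept it; the guard rejects it because nc 1 has already been consumed for that nonce.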
CVE-2011-2204
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
CVE-2011-2526
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
CVE-2011-3190
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
Additional information:
N/A
Downloads:
SRPMS
- tomcat6-6.0.24-35.AXS4.src.rpm
MD5: 6f0bacaab6f4fdb275a2d55a0a278c63
SHA-256: 8db0a56411acbf5674d11e1de1062875a72cfeefdc392e95b6c26e77eba29665
Size: 3.34 MB
Asianux Server 4 for x86
- tomcat6-6.0.24-35.AXS4.noarch.rpm
MD5: 92d5484053d22e56603c075304b2f123
SHA-256: 01abeb993c5293411c5f2fe6b95d32264b59e90c3f167413fd15c86eff0a0b2b
Size: 86.09 kB
- tomcat6-el-2.1-api-6.0.24-35.AXS4.noarch.rpm
MD5: 1c9c198e6a998cf85f67503926581437
SHA-256: ffe4539e119db57f5176e79a3e4c206bc7457b647bec883ee9ecb26dd1ceab76
Size: 41.46 kB
- tomcat6-jsp-2.1-api-6.0.24-35.AXS4.noarch.rpm
MD5: 58f5597662aee5299aadd16b80675abb
SHA-256: ab1f93095c45d7ed23eb5c3c866d3ffee89f6924fceca582f2607955f5189dac
Size: 78.35 kB
- tomcat6-lib-6.0.24-35.AXS4.noarch.rpm
MD5: ac245cffdd6b1185f0bfb0b623b5073f
SHA-256: 9dcbd347c30105c02460ae4c70d628a2097b711a1b526c90556f587a4f68d477
Size: 2.82 MB
- tomcat6-servlet-2.5-api-6.0.24-35.AXS4.noarch.rpm
MD5: ead05665a0d1e3d406b1d9316c268acf
SHA-256: 9df447fb5b2e56024e872a98c2950b1ead4047795ef77a174f402f0df8bb269d
Size: 92.23 kB
Asianux Server 4 for x86_64
- tomcat6-6.0.24-35.AXS4.noarch.rpm
MD5: 1c08dd6e4222e6c13ba95c88dce2f1fb
SHA-256: e6f9048ffce64e123cdbd546c576971f44352c1c266cfe5f3cd6d58da3cec426
Size: 85.64 kB
- tomcat6-el-2.1-api-6.0.24-35.AXS4.noarch.rpm
MD5: 088e29c17c8072a05e39ba0f83af9000
SHA-256: 2ea7c11707ada55a8c6491afad3a15763c77cbf5531c678365a3ab506c345790
Size: 41.01 kB
- tomcat6-jsp-2.1-api-6.0.24-35.AXS4.noarch.rpm
MD5: 2d9bec08682ffc47604b0e204ec65dbe
SHA-256: 83e73aa4f57d24971a91b627faae1e986b316fe3a7e7fa1a40bc8e30f9996161
Size: 77.90 kB
- tomcat6-lib-6.0.24-35.AXS4.noarch.rpm
MD5: dd6e69278c98b80250dbca35eef0483a
SHA-256: 114abb24f66324a2e6f69fb205843bfb2f16714bc0538e00ee0427366bec71d7
Size: 2.82 MB
- tomcat6-servlet-2.5-api-6.0.24-35.AXS4.noarch.rpm
MD5: 6e2b9bd3cbd02126e16cea447bcf8591
SHA-256: edb636209b636d111a7889117b1035cf0d27f13ca11313cb7d83bf9c2fbee14d
Size: 91.79 kB