tomcat6-6.0.24-105.AXS4
Errata ID: AXSA:2017-1345:01
Release date:
2017/03/15 Wednesday - 21:21
Title:
tomcat6-6.0.24-105.AXS4
Affected channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- The code in Apache Tomcat that parsed the HTTP request line permitted invalid characters. By manipulating the HTTP response, an attacker could poison a web cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2016-6816)
- Information on CVE-2016-8745 has not been made public at this time. This advisory will be updated as soon as the CVE details are published.
Some CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the package.
CVE:
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other than their own.
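The root cause of CVE-2016-6816 is lenient request-line parsing: once a proxy and the origin server accept the same malformed line but split it differently, response data can be attributed to the wrong request. The defensive counterpart is a parser that only accepts the RFC 7230 / RFC 3986 grammar and answers 400 to everything else. The following is an added example written for this page, not code from Tomcat or from Asianux; the character classes come from the RFCs, and the sample request lines at the bottom are constructed for the self-check, not taken from any real traffic.

```python
import re
import string

# RFC 7230 "tchar": the only characters allowed in a method token
TCHAR = set("!#$%&'*+-.^_`|~" + string.ascii_letters + string.digits)
# RFC 3986 unreserved and sub-delims; pchar adds ":" and "@", absolute-path adds "/"
UNRESERVED = set(string.ascii_letters + string.digits + "-._~")
SUB_DELIMS = set("!$&'()*+,;=")
PATH_CHARS = UNRESERVED | SUB_DELIMS | set(":@/")
QUERY_CHARS = PATH_CHARS | set("?")
PCT_ENCODED = re.compile(r"%[0-9A-Fa-f]{2}")
HTTP_VERSION = re.compile(r"^HTTP/[0-9]\.[0-9]$")


def _check_target(target):
    """Return None if an origin-form request-target uses only RFC 3986 characters, else a reason."""
    if not target.startswith("/"):
        return "request-target is not an absolute path"
    path, _, query = target.partition("?")
    for part, allowed, name in ((path, PATH_CHARS, "path"), (query, QUERY_CHARS, "query")):
        i = 0
        while i < len(part):
            ch = part[i]
            if ch == "%":
                # a percent sign must start a complete %XX escape
                if not PCT_ENCODED.match(part, i):
                    return f"malformed percent-encoding in {name} at offset {i}"
                i += 3
                continue
            if ch not in allowed:
                return f"invalid character {ch!r} (0x{ord(ch):02x}) in {name} at offset {i}"
            i += 1
    return None


def validate_request_line(line):
    """Strictly validate one HTTP/1.x request line (without its CRLF).

    Returns (True, None) when the line is method SP request-target SP HTTP-version
    with every field restricted to the characters the RFCs allow, else (False, reason).
    Anything outside that grammar is exactly what a front-end proxy and the origin
    server may interpret differently, so the safe answer is 400, not a guess.
    """
    if "\r" in line or "\n" in line:
        return False, "bare CR or LF inside the request line"
    parts = line.split(" ")
    if len(parts) != 3:
        return False, f"expected 3 space-separated fields, got {len(parts)}"
    method, target, version = parts
    if not method or any(c not in TCHAR for c in method):
        return False, "method is not a valid token"
    reason = _check_target(target)
    if reason is not None:
        return False, reason
    if not HTTP_VERSION.match(version):
        return False, "malformed HTTP-version"
    return True, None


# Constructed sample request lines for a quick self-check (two valid, four malformed)
SAMPLE_LINES = [
    "GET /index.html?q=1&x=%20y HTTP/1.1",
    "POST /api/v1/items:search HTTP/1.0",
    "GET /a{b} HTTP/1.1",
    "GET /a%ZZ HTTP/1.1",
    "GET /a\tb HTTP/1.1",
    "G@T / HTTP/1.1",
]


def rejected(lines):
    """Return [(line, reason)] for every request line the strict parser refuses."""
    out = []
    for line in lines:
        ok, reason = validate_request_line(line)
        if not ok:
            out.append((line, reason))
    return out


if __name__ == "__main__":
    for line, reason in rejected(SAMPLE_LINES):
        print(f"400 Bad Request: {line!r}: {reason}")
```

The same function works as a log-triage filter: running `rejected()` over the request lines in an access log of a still-unpatched Tomcat 6 instance shows which lines a strict parser would have refused, which is a quick way to see whether anything in front of the server is forwarding such requests.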
CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, but not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions.
Additional information:
N/A
Downloads:
SRPMS
- tomcat6-6.0.24-105.AXS4.src.rpm
MD5: 33e58e37bf14a03c64f8de849a4d2627
SHA-256: f49ea3226aca057e640228417f0b7d45f1d904e39ef311dcaa16500239b16dba
Size: 3.64 MB
Asianux Server 4 for x86
- tomcat6-6.0.24-105.AXS4.noarch.rpm
MD5: a3f16daf90e5c25da13f8f5f9deb2088
SHA-256: c7d3e443cae49b104303f7c439c8fd7e06ce660964410b4542a5a717c056b4be
Size: 94.76 kB
- tomcat6-el-2.1-api-6.0.24-105.AXS4.noarch.rpm
MD5: a1fc094a6301595e781d48f233ab02fe
SHA-256: 54065256a440122379d09003f853a6877fba90268b475ff45b5a6850afaec2c9
Size: 50.55 kB
- tomcat6-jsp-2.1-api-6.0.24-105.AXS4.noarch.rpm
MD5: 844c47d573b9d946c85e53186bdf4734
SHA-256: 2b210ca7c4d23d989ea09d7d3c65ce459bfa49c092355bb19e0517b5cf1ec52b
Size: 87.00 kB
- tomcat6-lib-6.0.24-105.AXS4.noarch.rpm
MD5: c0da456c6b5ba32aba20d4ab1ae88c97
SHA-256: a05c5e9439534ec7a4d85374e127a73e06a1d9a42e5b0e529b0037c5120c891b
Size: 2.92 MB
- tomcat6-servlet-2.5-api-6.0.24-105.AXS4.noarch.rpm
MD5: 5b135e76c635fcd4d1c2d582f95bb366
SHA-256: a333d42b1d77898778e7d8ed46e200d9fb0152665b6174aed420600463849123
Size: 121.03 kB
Asianux Server 4 for x86_64
- tomcat6-6.0.24-105.AXS4.noarch.rpm
MD5: 72e1030778ddae5dedec9427d8be3d27
SHA-256: 01fc8f0a4a7e04ebe8755c25bfdc5611847f5f3e85dfecf440244a6192c51e4b
Size: 94.33 kB
- tomcat6-el-2.1-api-6.0.24-105.AXS4.noarch.rpm
MD5: 1d6821d06c1767e8afa5e15710dc8b40
SHA-256: a5573d6f34c9a75b1eabdcb0f3ca3f2304070031c332096ab1d6cc21097bed70
Size: 50.09 kB
- tomcat6-jsp-2.1-api-6.0.24-105.AXS4.noarch.rpm
MD5: 89cc28354692e670b3cd7f51d59082aa
SHA-256: 47d29e80515280ece79dc4f580862a83ace3ed6147aa3c17a850cfd70b4f4641
Size: 86.55 kB
- tomcat6-lib-6.0.24-105.AXS4.noarch.rpm
MD5: 8423c45144a05d69ad9353ee32b8d0ed
SHA-256: 45f89f8648d98b5d65470b32431dbc2adbe8df401cfce2efbe39dfeb7d9249a9
Size: 2.92 MB
- tomcat6-servlet-2.5-api-6.0.24-105.AXS4.noarch.rpm
MD5: 90eceaddff4b9def3b23082a1801821d
SHA-256: 9a16d5f8aaf7a3b5c205de74ceae6bf05a10a6c49830b407c11546dcacffb197
Size: 120.58 kB
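Before installing the packages above, the SHA-256 values in the download table are what a practitioner should check the files against (MD5 is listed too, but it is no longer collision resistant and should not be relied on alone). The following is an added example, not a tool shipped by Asianux: it embeds the SHA-256 table exactly as published above, keyed by channel and package name, and refuses to report success unless every file is present and matches. The `verify_bytes()` helper exists only so the logic can be checked on constructed data without real RPMs.

```python
import hashlib
import hmac
import os
import sys

# SHA-256 checksums exactly as published in the advisory's download table
EXPECTED_SHA256 = {
    "Asianux Server 4 for x86": {
        "tomcat6-6.0.24-105.AXS4.noarch.rpm":
            "c7d3e443cae49b104303f7c439c8fd7e06ce660964410b4542a5a717c056b4be",
        "tomcat6-el-2.1-api-6.0.24-105.AXS4.noarch.rpm":
            "54065256a440122379d09003f853a6877fba90268b475ff45b5a6850afaec2c9",
        "tomcat6-jsp-2.1-api-6.0.24-105.AXS4.noarch.rpm":
            "2b210ca7c4d23d989ea09d7d3c65ce459bfa49c092355bb19e0517b5cf1ec52b",
        "tomcat6-lib-6.0.24-105.AXS4.noarch.rpm":
            "a05c5e9439534ec7a4d85374e127a73e06a1d9a42e5b0e529b0037c5120c891b",
        "tomcat6-servlet-2.5-api-6.0.24-105.AXS4.noarch.rpm":
            "a333d42b1d77898778e7d8ed46e200d9fb0152665b6174aed420600463849123",
    },
    "Asianux Server 4 for x86_64": {
        "tomcat6-6.0.24-105.AXS4.noarch.rpm":
            "01fc8f0a4a7e04ebe8755c25bfdc5611847f5f3e85dfecf440244a6192c51e4b",
        "tomcat6-el-2.1-api-6.0.24-105.AXS4.noarch.rpm":
            "a5573d6f34c9a75b1eabdcb0f3ca3f2304070031c332096ab1d6cc21097bed70",
        "tomcat6-jsp-2.1-api-6.0.24-105.AXS4.noarch.rpm":
            "47d29e80515280ece79dc4f580862a83ace3ed6147aa3c17a850cfd70b4f4641",
        "tomcat6-lib-6.0.24-105.AXS4.noarch.rpm":
            "45f89f8648d98b5d65470b32431dbc2adbe8df401cfce2efbe39dfeb7d9249a9",
        "tomcat6-servlet-2.5-api-6.0.24-105.AXS4.noarch.rpm":
            "9a16d5f8aaf7a3b5c205de74ceae6bf05a10a6c49830b407c11546dcacffb197",
    },
}


def sha256_hex(data):
    """SHA-256 of an in-memory byte string, as lowercase hex."""
    return hashlib.sha256(data).hexdigest()


def sha256_of_file(path, chunk_size=1 << 20):
    """SHA-256 of a file, read in 1 MiB chunks so large RPMs are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def matches(actual_hex, expected_hex):
    # compare_digest avoids leaking where the digests differ; lower() tolerates re-typed tables
    return hmac.compare_digest(actual_hex.lower(), expected_hex.lower())


def verify_bytes(data, expected_hex):
    """Check an in-memory blob against a published digest (used for self-tests)."""
    return matches(sha256_hex(data), expected_hex)


def verify_directory(directory, channel):
    """Return {package: "ok" | "MISMATCH" | "missing"} for one channel's packages."""
    results = {}
    for name, digest in EXPECTED_SHA256[channel].items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif matches(sha256_of_file(path), digest):
            results[name] = "ok"
        else:
            results[name] = "MISMATCH"
    return results


if __name__ == "__main__":
    directory = sys.argv[1] if len(sys.argv) > 1 else "."
    channel = sys.argv[2] if len(sys.argv) > 2 else "Asianux Server 4 for x86_64"
    results = verify_directory(directory, channel)
    for name, status in results.items():
        print(f"{status:9} {name}")
    # exit non-zero so a wrapping install script stops if anything is missing or altered
    sys.exit(0 if all(s == "ok" for s in results.values()) else 1)
```

Run it as `python verify.py /path/to/downloads "Asianux Server 4 for x86"` from the directory holding the RPMs; a non-zero exit means at least one package is absent or its SHA-256 does not match the advisory, and the install should not proceed until a clean copy has been fetched.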