ID

VAR-200902-0677


CVE

CVE-2008-4308


TITLE

Apache Tomcat POST Data Information Disclosure Vulnerability

Trust: 0.9

sources: BID: 33913 // CNNVD: CNNVD-200902-617

DESCRIPTION

The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. Apache Tomcat from The Apache Software Foundation contains an information disclosure vulnerability. Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies. This vulnerability was addressed and solved in ASF Bugzilla - Bug 40771. However there was no description regarding this vulnerability in ASF Bugzilla - Bug 40771. Therefore, The Apache Tomcat Development Team has decided to publish an advisory regarding this issue.A remote attacker could possibly obtain user credentials such as password, session ID, user ID, etc. According to the developer, unsupported Apache Tomcat 3.x, 4.0.x, and 5.0.x may also be affected. They have confirmed that Apache Tomcat 6.0.x is not affected. Remote attackers can exploit this issue to obtain sensitive data stored on the server. Information obtained may lead to further attacks. Publication of this issue was then postponed until now at the request of the reporter. For a vulnerability to exist the content read from the input stream must be disclosed, eg via writing it to the response and committing the response, before the ArrayIndexOutOfBoundsException occurs which will halt processing of the request. Mitigation: Upgrade to: 4.1.35 or later 5.5.21 or later 6.0.0 or later Example: See original bug report for example of how to create the error condition. Credit: This issue was discovered by Fujitsu and reported to the Tomcat Security Team via JPCERT. References: http://tomcat.apache.org/security.html Mark Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJpdGRb7IeiTPGAkMRAkK+AKC1m5WunqOmwuFYSYEoASF/AokgDQCffmxM U3IdbfYNVtRIzCW5XTvhv2E= =rJGg -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apache Tomcat POST Content Disclosure Vulnerability SECUNIA ADVISORY ID: SA34057 VERIFY ADVISORY: http://secunia.com/advisories/34057/ DESCRIPTION: A vulnerability has been reported in Apache Tomcat, which can be exploited by malicious people to potentially disclose sensitive information. The vulnerability is reported in versions 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20. PROVIDED AND/OR DISCOVERED BY: The vendor credits Fujitsu, reporting via JPCERT. ORIGINAL ADVISORY: Apache Tomcat: http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html http://www.mail-archive.com/users@tomcat.apache.org/msg57428.html JVN: http://jvn.jp/jp/JVN66905322/index.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-4308 // JVNDB: JVNDB-2009-000010 // BID: 33913 // PACKETSTORM: 75211 // PACKETSTORM: 75254

AFFECTED PRODUCTS

vendor:apachemodel:tomcatscope:eqversion:5.5.18

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.17

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.16

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.15

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.14

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.13

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.12

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.11

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.10

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:4.1.34

Trust: 1.9

vendor:apachemodel:tomcatscope:eqversion:5.5.20

Trust: 1.3

vendor:apachemodel:tomcatscope:eqversion:5.5.19

Trust: 1.3

vendor:apachemodel:tomcatscope:eqversion:4.1.32

Trust: 1.3

vendor:apachemodel:tomcatscope:eqversion:4.1.33

Trust: 1.0

vendor:apachemodel:tomcatscope:eqversion:4.1.32 to 4.1.34

Trust: 0.8

vendor:apachemodel:tomcatscope:eqversion:5.5.10 to 5.5.20

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage business application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage studioscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage web serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage studio standard-j editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage studio enterprise editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j edition ascope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server standard-j editionscope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise edition ascope:eqversion:9.0

Trust: 0.3

vendor:fujitsumodel:interstage application server enterprise editionscope:eqversion:9.0

Trust: 0.3

vendor:apachemodel:tomcatscope:neversion:5.5.21

Trust: 0.3

vendor:apachemodel:tomcatscope:neversion:4.1.35

Trust: 0.3

sources: BID: 33913 // JVNDB: JVNDB-2009-000010 // CNNVD: CNNVD-200902-617 // NVD: CVE-2008-4308

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4308
value: LOW

Trust: 1.0

IPA: JVNDB-2009-000010
value: LOW

Trust: 0.8

CNNVD: CNNVD-200902-617
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2008-4308
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2009-000010
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2009-000010 // CNNVD: CNNVD-200902-617 // NVD: CVE-2008-4308

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2009-000010 // NVD: CVE-2008-4308

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200902-617

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-200902-617

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-000010

PATCH

title:Apache Tomcat 4.x vulnerabilities CVE-2008-4308url:http://tomcat.apache.org/security-4.html

Trust: 0.8

title:Apache Tomcat 5.x vulnerabilities CVE-2008-4308url:http://tomcat.apache.org/security-5.html

Trust: 0.8

title:Security Updatesurl:http://tomcat.apache.org/security

Trust: 0.8

title:Bug 40771url:https://issues.apache.org/bugzilla/show_bug.cgi?id=40771

Trust: 0.8

title:JVN#66905322url:http://software.fujitsu.com/jp/security/vulnerabilities/jvn-66905322.html

Trust: 0.8

title:interstage-200901url:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200901e.html

Trust: 0.8

title:Apache Tomcat POST Data Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=90958

Trust: 0.6

sources: JVNDB: JVNDB-2009-000010 // CNNVD: CNNVD-200902-617

EXTERNAL IDS

db:JVNDBid:JVNDB-2009-000010

Trust: 3.2

db:NVDid:CVE-2008-4308

Trust: 2.8

db:BIDid:33913

Trust: 2.7

db:SECUNIAid:34057

Trust: 2.6

db:JVNid:JVN66905322

Trust: 2.5

db:VUPENid:ADV-2009-0541

Trust: 2.4

db:CNNVDid:CNNVD-200902-617

Trust: 0.6

db:PACKETSTORMid:75211

Trust: 0.1

db:PACKETSTORMid:75254

Trust: 0.1

sources: BID: 33913 // JVNDB: JVNDB-2009-000010 // PACKETSTORM: 75211 // PACKETSTORM: 75254 // CNNVD: CNNVD-200902-617 // NVD: CVE-2008-4308

REFERENCES

url:http://www.securityfocus.com/bid/33913

Trust: 3.0

url:http://jvn.jp/en/jp/jvn66905322/index.html

Trust: 2.4

url:http://jvndb.jvn.jp/ja/contents/2009/jvndb-2009-000010.html

Trust: 2.4

url:http://www.vupen.com/english/advisories/2009/0541

Trust: 2.4

url:https://issues.apache.org/bugzilla/show_bug.cgi?id=40771

Trust: 1.9

url:https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e

Trust: 1.6

url:https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e

Trust: 1.6

url:http://secunia.com/advisories/34057

Trust: 1.6

url:http://www.securityfocus.com/archive/1/501250

Trust: 1.6

url:https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e

Trust: 1.6

url:http://secunia.com/advisories/34057/

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4308

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4308

Trust: 0.8

url:https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e

Trust: 0.6

url:http://tomcat.apache.org/security-4.html

Trust: 0.4

url:http://tomcat.apache.org/security-5.html

Trust: 0.4

url:http://www.mail-archive.com/users@tomcat.apache.org/msg57428.html

Trust: 0.4

url:http://tomcat.apache.org/

Trust: 0.3

url:/archive/1/501250

Trust: 0.3

url:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200901e.html

Trust: 0.3

url:https://issues.apache.org/bugzilla/show_bug.cgi?id=40771)

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-4308

Trust: 0.1

url:http://tomcat.apache.org/security.html

Trust: 0.1

url:http://enigmail.mozdev.org

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/business_solutions/

Trust: 0.1

url:http://secunia.com/advisories/try_vi/

Trust: 0.1

url:http://jvn.jp/jp/jvn66905322/index.html

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: BID: 33913 // JVNDB: JVNDB-2009-000010 // PACKETSTORM: 75211 // PACKETSTORM: 75254 // CNNVD: CNNVD-200902-617 // NVD: CVE-2008-4308

CREDITS

Fujitsu

Trust: 0.9

sources: BID: 33913 // CNNVD: CNNVD-200902-617

SOURCES

db:BIDid:33913
db:JVNDBid:JVNDB-2009-000010
db:PACKETSTORMid:75211
db:PACKETSTORMid:75254
db:CNNVDid:CNNVD-200902-617
db:NVDid:CVE-2008-4308

LAST UPDATE DATE

2024-08-14T15:25:10.840000+00:00


SOURCES UPDATE DATE

db:BIDid:33913date:2009-02-26T17:07:00
db:JVNDBid:JVNDB-2009-000010date:2009-02-26T00:00:00
db:CNNVDid:CNNVD-200902-617date:2023-02-14T00:00:00
db:NVDid:CVE-2008-4308date:2023-02-13T02:19:30.893

SOURCES RELEASE DATE

db:BIDid:33913date:2009-02-25T00:00:00
db:JVNDBid:JVNDB-2009-000010date:2009-02-26T00:00:00
db:PACKETSTORMid:75211date:2009-02-26T19:20:39
db:PACKETSTORMid:75254date:2009-02-27T10:55:31
db:CNNVDid:CNNVD-200902-617date:2009-02-26T00:00:00
db:NVDid:CVE-2008-4308date:2009-02-26T23:30:00.203