Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 6.4
CVE Id CVE-2007-5342
Last Modified 15 Mar 2014 11:16:43
Published 27 Dec 2007 05:46:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5342

Summary

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

Vulnerable Systems

Application

  • Apache Tomcat 5.5.9
  • Apache Tomcat 5.5.10
  • Apache Tomcat 5.5.11
  • Apache Tomcat 5.5.12
  • Apache Tomcat 5.5.13
  • Apache Tomcat 5.5.14
  • Apache Tomcat 5.5.15
  • Apache Tomcat 5.5.16
  • Apache Tomcat 5.5.17
  • Apache Tomcat 5.5.18
  • Apache Tomcat 5.5.19
  • Apache Tomcat 5.5.20
  • Apache Tomcat 5.5.21
  • Apache Tomcat 5.5.22
  • Apache Tomcat 5.5.23
  • Apache Tomcat 5.5.24
  • Apache Tomcat 5.5.25
  • Apache Tomcat 6.0
  • Apache Tomcat 6.0.1
  • Apache Tomcat 6.0.2
  • Apache Tomcat 6.0.3
  • Apache Tomcat 6.0.4
  • Apache Tomcat 6.0.5
  • Apache Tomcat 6.0.6
  • Apache Tomcat 6.0.7
  • Apache Tomcat 6.0.8
  • Apache Tomcat 6.0.9
  • Apache Tomcat 6.0.10
  • Apache Tomcat 6.0.11
  • Apache Tomcat 6.0.12
  • Apache Tomcat 6.0.13
  • Apache Tomcat 6.0.14
  • Apache Tomcat 6.0.15


References

BID - 27006
VUPEN - ADV-2009-3316
VUPEN - ADV-2008-2823
VUPEN - ADV-2008-2780
VUPEN - ADV-2008-1856
VUPEN - ADV-2008-0013
CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html
CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0010.html
BID - 31681
BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
BUGTRAQ - 20071223 [CVE-2007-5342] Apache Tomcat's default security policy is too open
REDHAT - RHSA-2008:0862
REDHAT - RHSA-2008:0834
REDHAT - RHSA-2008:0833
REDHAT - RHSA-2008:0832
REDHAT - RHSA-2008:0831
MANDRIVA - MDVSA-2008:188
CONFIRM - http://tomcat.apache.org/security-6.html
CONFIRM - http://tomcat.apache.org/security-5.html
MISC - http://svn.apache.org/viewvc?view=rev&revision=606594
CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
CONFIRM - http://support.apple.com/kb/HT3216
SECUNIA - 37460
SECUNIA - 32266
SECUNIA - 32222
SECUNIA - 32120
SECUNIA - 30676
OSVDB - 39833
SUSE - SUSE-SR:2009:004
APPLE - APPLE-SA-2008-10-09
FEDORA - FEDORA-2008-1603
FEDORA - FEDORA-2008-1467
XF - apache-juli-logging-weak-security(39201)
REDHAT - RHSA-2008:0195
REDHAT - RHSA-2008:0042
DEBIAN - DSA-1447
SREASON - 3485
GENTOO - GLSA-200804-10
SECUNIA - 29711
SECUNIA - 29313
SECUNIA - 28915
SECUNIA - 28317
SECUNIA - 28274
HP - HPSBST02955
SECUNIA - 57126

Related Patches

Apple 2008-10-09 Security Update 2008-007 Server (Leopard)


Last Updated: 27 May 2016 10:47:32