Apache Tomcat Security Vulnerability

Monday, July 18, 2011 @ 02:07 PM gHale

A security issue and a vulnerability are in Apache Tomcat, which can suffer exploitation by malicious, local users bypassing certain security restrictions or cause a DoS, according to Secunia.

Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies.

Wireless Weakness Patched
Microsoft Security Center Site Breached
Microsoft Updates Rootkit Removal Plan
‘Indestructible’ Botnet Making Rounds

The security issue occurs because of Apache Tomcat not properly verifying sendfile request attributes when running under a security manager, which can suffer exploitation by a malicious web application to bypass intended restrictions and e.g. disclose local files.

The vulnerability is the result of Apache Tomcat not properly handling a sendfile request with invalid start and endpoints, which someone can exploit and then crash the JVM.

Successful exploitation requires a malicious web application to deploy and it uses a security manager and the HTTP NIO or HTTP APR connector with enabled sendfile.

One solution is to update to versions 5.5.34, 6.0.33, or 7.0.19 when available. Also fixed in the SVN repository and the vendor also provided a proposed patch for Apache Tomcat versions 5 and 6.

Leave a Reply

You must be logged in to post a comment.