CVE-2007-3382

Properties

Published:
13.08.2007
Updated:
29.01.2009
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Product:
apache: tomcat

Vulnerability description

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

References:

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/476466/100/0/threaded
CERT-VN: http://www.kb.cert.org/vuls/id/993544
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/476442/100/0/threaded
CONFIRM: http://tomcat.apache.org/security-6.html
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded
FRSIRT: http://www.frsirt.com/english/advisories/2009/0233
FRSIRT: http://www.frsirt.com/english/advisories/2008/1981/references
CONFIRM: http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
CONFIRM: http://support.apple.com/kb/HT2163
SECUNIA: http://secunia.com/advisories/33668
SECUNIA: http://secunia.com/advisories/30802
APPLE: http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
CONFIRM: http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
FEDORA: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
XF: http://xforce.iss.net/xforce/xfdb/36006
BID: http://www.securityfocus.com/bid/25316
REDHAT: http://www.redhat.com/support/errata/RHSA-2008-0261.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2008-0195.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2007-0950.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2007-0871.html
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
FRSIRT: http://www.frsirt.com/english/advisories/2007/3527
FRSIRT: http://www.frsirt.com/english/advisories/2007/3386
FRSIRT: http://www.frsirt.com/english/advisories/2007/2902
DEBIAN: http://www.debian.org/security/2008/dsa-1453
DEBIAN: http://www.debian.org/security/2008/dsa-1447
SECTRACK: http://securitytracker.com/id?1018556
SECUNIA: http://secunia.com/advisories/29242
SECUNIA: http://secunia.com/advisories/28361
SECUNIA: http://secunia.com/advisories/28317
SECUNIA: http://secunia.com/advisories/27727
SECUNIA: http://secunia.com/advisories/27267
SECUNIA: http://secunia.com/advisories/27037
SECUNIA: http://secunia.com/advisories/26898
SECUNIA: http://secunia.com/advisories/26466
SUSE: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
HP: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554
HP: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795