Apache Tomcat Multiple Vulnerabilities June-09

Summary
This host is running Apache Tomcat Server and is prone to multiple vulnerabilities.
Impact
Successful attempt could lead to remote code execution and attacker can gain the full permission on affected file, and can cause denial of service. Impact Level: System/Application
Solution
Upgrade to Apache Tomcat version 4.1.40, or 5.5.28, or 6.0.20 http://archive.apache.org/dist/tomcat/
Insight
Multiple flows are due to, - Error in 'XML parser' used for other web applications, which allows local users to read or modify the web.xml, context.xml, or tld files via a crafted application that is loaded earlier than the target application. - when FORM authentication is used, cause enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the MemoryRealm, DataSourceRealm, and JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter. - when the 'Java AJP connector' and 'mod_jk load balancing' are used, via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
Affected
Apache Tomcat version 6.0.0 to 6.0.18 Apache Tomcat version 5.5.0 to 5.5.27 Apache Tomcat version 4.1.0 to 4.1.39
References