Description
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
Remediation
References
http://www.securityfocus.com/bid/49353
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
http://secunia.com/advisories/45748
http://www.securitytracker.com/id?1025993
http://securityreason.com/securityalert/8362
http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
http://www.debian.org/security/2012/dsa-2401
http://secunia.com/advisories/49094
http://marc.info/?l=bugtraq&m=132215163318824&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://secunia.com/advisories/57126
http://marc.info/?l=bugtraq&m=133469267822771&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933
http://secunia.com/advisories/48308
http://www.securityfocus.com/archive/1/519466/100/0/threaded
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
Related Vulnerabilities
CVE-2016-3088 Vulnerability in maven package org.apache.activemq:apache-activemq
CVE-2023-34624 Vulnerability in maven package net.sourceforge.htmlcleaner:htmlcleaner
CVE-2021-3645 Vulnerability in npm package @viking04/merge
CVE-2019-10754 Vulnerability in maven package org.apereo.cas:cas-server-support-oauth-core-api
CVE-2021-32820 Vulnerability in npm package express-handlebars