Description

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Remediation

References

http://www.securityfocus.com/bid/49353

https://issues.apache.org/bugzilla/show_bug.cgi?id=51698

http://secunia.com/advisories/45748

http://www.securitytracker.com/id?1025993

http://securityreason.com/securityalert/8362

http://www.mandriva.com/security/advisories?name=MDVSA-2011:156

http://www.debian.org/security/2012/dsa-2401

http://secunia.com/advisories/49094

http://marc.info/?l=bugtraq&m=132215163318824&w=2

http://marc.info/?l=bugtraq&m=136485229118404&w=2

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://secunia.com/advisories/57126

http://marc.info/?l=bugtraq&m=133469267822771&w=2

https://exchange.xforce.ibmcloud.com/vulnerabilities/69472

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933

http://secunia.com/advisories/48308

http://www.securityfocus.com/archive/1/519466/100/0/threaded

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Related Vulnerabilities

CVE-2018-6561 Vulnerability in maven package org.webjars.npm:dijit

CVE-2012-1833 Vulnerability in maven package org.grails:grails-plugin-controllers

CVE-2019-15608 Vulnerability in npm package yarn

CVE-2023-37478 Vulnerability in npm package @pnpm/linux-arm64

CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core_2.13

Severity

Critical

Classification

CWE-264

Tags

Exploit Vendor Advisory