-none-

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

JSP - A mailing list about Java Server Pages specification and reference

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Servlet : Session invalidate
•	Oracle Connection Pooling in 3 2 2
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Running a Simple JMS Example
•	Tomcat and webapplication specific java library path
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	Value attribute of <html:checkbox
•	url string for connecting jboss to oracle
•	javax servlet ServletException: BeanUtils populate
•	5 0 18: Windows XP Pro vs Windows 2000
•	HTTP Status 404 The requested resource is not available

-none-

-none-

2007-08-13 - By Mark Thomas

Back
-- --BEGIN PGP SIGNED MESSAGE-- --
Hash: SHA1

CVE-2007 (See http://CVE-2007.ora-code.com)-3382: Handling of cookies containing a ' character

Severity:
Low (Session Hi-jacking)

Vendor:
The Apache Software Foundation

Versions Affected:
6.0.0 to 6.0.13
5.5.0 to 5.5.24
5.0.0 to 5.0.30
4.1.0 to 4.1.36
3.3 to 3.3.2

Description:
Tomcat incorrectly treats a single quote character (') in a cookie
value as a delimiter. In some circumstances this can lead to the
leaking of information such as session ID to an attacker.

Mitigation:
Upgrade to 6.0.14

Credit:
This issue was discovered by Tomasz Kuczynski, Poznan Supercomputing
and Networking Center, who worked with the CERT/CC to report the
vulnerability.

Example:
http://localost:8080/servlets-examples/servlet/CookieExample?cookiename=BLOCKER
&cookievalue=%5C%22A%3D%27%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC%3B
+Path%3D%2Fservlets-examples%2Fservlet+%3B

References:
http://tomcat.apache.org/security.html

Mark Thomas

-- --BEGIN PGP SIGNATURE-- --
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGwSFVb7IeiTPGAkMRAjkwAKDnu+C08WRZazmZfzunFeHcitsvnACg3CtP
6c6FCxbFOcfxhqqayg8kdUI=
=MkDj
-- --END PGP SIGNATURE-- --

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)