-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:030 http://www.mandriva.com/security/ _______________________________________________________________________ Package : tomcat5 Date : February 18, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in tomcat5: When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate files generated when compiling JSPs to Servlets. The location of the work directory is specified by a ServletContect attribute that is meant to be read-only to web applications. However, due to a coding error, the read-only setting was not applied. Therefore, a malicious web application may modify the attribute before Tomcat applies the file permissions. This can be used to grant read/write permissions to any area on the file system which a malicious web application may then take advantage of. This vulnerability is only applicable when hosting web applications from untrusted sources such as shared hosting environments (CVE-2010-3718). The HTML Manager interface displayed web applciation provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administartive user when viewing the manager pages (CVE-2011-0013). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 4acc23d840bdd74a8a2a27717c57f813 2009.0/i586/tomcat5-5.5.27-0.3.0.4mdv2009.0.noarch.rpm d901fdb0a4995bf9eb2870b3c9a1d249 2009.0/i586/tomcat5-admin-webapps-5.5.27-0.3.0.4mdv2009.0.noarch.rpm ae34366f41b039c6e53631b185547a7b 2009.0/i586/tomcat5-common-lib-5.5.27-0.3.0.4mdv2009.0.noarch.rpm ade05ceda9f2ae4fb342e7ef5df474e2 2009.0/i586/tomcat5-jasper-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 51fab09365486ad60ed686935c1c7511 2009.0/i586/tomcat5-jasper-eclipse-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 5f1fc1ea7c38546a38a04000cdf9212a 2009.0/i586/tomcat5-jasper-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm bddc26db0a0e9aea3223927566b11442 2009.0/i586/tomcat5-jsp-2.0-api-5.5.27-0.3.0.4mdv2009.0.noarch.rpm effd51cb30b8d2bb5f12a3a0507b1260 2009.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm e71a36bd07ad8f241104e0e322900d55 2009.0/i586/tomcat5-server-lib-5.5.27-0.3.0.4mdv2009.0.noarch.rpm fc68ce165e49fa63529cda996f9e7e6f 2009.0/i586/tomcat5-servlet-2.4-api-5.5.27-0.3.0.4mdv2009.0.noarch.rpm aa8f7e5205aa734f94661d2e1d87cf03 2009.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 09488edfcc731340c51322540e050445 2009.0/i586/tomcat5-webapps-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 78f469b9bdf9461e9dd423fa51a00fbb 2009.0/SRPMS/tomcat5-5.5.27-0.3.0.4mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 7f3a9c9a0f48012967fece5d682cc344 2009.0/x86_64/tomcat5-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 3151ab51c99456cf46095557b421a47d 2009.0/x86_64/tomcat5-admin-webapps-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 4312fccb593f577b34a77363c140460b 2009.0/x86_64/tomcat5-common-lib-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 04580ac069d37ea7ce1223f744dd63bf 2009.0/x86_64/tomcat5-jasper-5.5.27-0.3.0.4mdv2009.0.noarch.rpm adf6a50a74e425cd579d4c76fe518f88 2009.0/x86_64/tomcat5-jasper-eclipse-5.5.27-0.3.0.4mdv2009.0.noarch.rpm be1cdc23f0f7a115835062c6dd22f68e 2009.0/x86_64/tomcat5-jasper-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 827ce79fb2c78c7cd5e2b9ed74e60564 2009.0/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 5ad827a665ee9a6b20d1e771ada0922a 2009.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 1133aad0b9a2715bbea40e925f065f0e 2009.0/x86_64/tomcat5-server-lib-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 734a3311954704b8d31c134c204273f3 2009.0/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.3.0.4mdv2009.0.noarch.rpm e61e4817d3fe00bca326b7d078d38cc1 2009.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 4f37e8f46d3435971ad107d3012c2722 2009.0/x86_64/tomcat5-webapps-5.5.27-0.3.0.4mdv2009.0.noarch.rpm 78f469b9bdf9461e9dd423fa51a00fbb 2009.0/SRPMS/tomcat5-5.5.27-0.3.0.4mdv2009.0.src.rpm Mandriva Linux 2010.0: 39e1b0164f00a89b96865243916eccb6 2010.0/i586/tomcat5-5.5.27-0.5.0.2mdv2010.0.noarch.rpm b406cccf6e7886b5c47de22ecc82088d 2010.0/i586/tomcat5-admin-webapps-5.5.27-0.5.0.2mdv2010.0.noarch.rpm b5c3e735cec844c1a7c1206c78a6af51 2010.0/i586/tomcat5-common-lib-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 0561c5ba6f593f8cb21d6433b31bbdf0 2010.0/i586/tomcat5-jasper-5.5.27-0.5.0.2mdv2010.0.noarch.rpm c3d3ed8727164b1542b08cc35b74eeb3 2010.0/i586/tomcat5-jasper-eclipse-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 137b051b6fa4a159098151aed959d4b8 2010.0/i586/tomcat5-jasper-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm fb2d81779b9a6701f935b69c72dfd1a2 2010.0/i586/tomcat5-jsp-2.0-api-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 247083e1e461555c064c57fb22293eb4 2010.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 1eb783fc2a5fd77fc04327f103f3e924 2010.0/i586/tomcat5-server-lib-5.5.27-0.5.0.2mdv2010.0.noarch.rpm ff93f3807ad38a6f3efd3b755e4b8a9c 2010.0/i586/tomcat5-servlet-2.4-api-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 63293aef2e275ccf3c5dca5ab69b1a5b 2010.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 5295cf4e876b552468657fd61eff83af 2010.0/i586/tomcat5-webapps-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 3e8072e942561408d7c33bd24517b4c9 2010.0/SRPMS/tomcat5-5.5.27-0.5.0.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: c4999736e1bc0c9a5a97d594cee65c1c 2010.0/x86_64/tomcat5-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 6b1e3d535d54b0be9e2ae5d1097ccada 2010.0/x86_64/tomcat5-admin-webapps-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 8b312a00888405017f0a569a941ef886 2010.0/x86_64/tomcat5-common-lib-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 2418f2e08935a6f0992b092a4bffecc8 2010.0/x86_64/tomcat5-jasper-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 83a682d9a8f037101b9551cd78a016c6 2010.0/x86_64/tomcat5-jasper-eclipse-5.5.27-0.5.0.2mdv2010.0.noarch.rpm bb1adfd0118f39da9a5b3f65ae84e62f 2010.0/x86_64/tomcat5-jasper-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 4a98e6b4fc7d0f857fc992b939d842ad 2010.0/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 4037dc8df08254a5c8e93313221a7514 2010.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 1c1a706e810c6cd0c063d84b0522585a 2010.0/x86_64/tomcat5-server-lib-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 62bc24195dda4032d33bb206031bd037 2010.0/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.5.0.2mdv2010.0.noarch.rpm c3bb0d7222dbc10f3d14a95ca8a79644 2010.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.5.0.2mdv2010.0.noarch.rpm a300b02d11c66be9c4b7025a16db508d 2010.0/x86_64/tomcat5-webapps-5.5.27-0.5.0.2mdv2010.0.noarch.rpm 3e8072e942561408d7c33bd24517b4c9 2010.0/SRPMS/tomcat5-5.5.27-0.5.0.2mdv2010.0.src.rpm Mandriva Linux 2010.1: 5bdb48aeda19057db32a64589eacd82a 2010.1/i586/tomcat5-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 96ecbc6c012122bf2e11e500c6402205 2010.1/i586/tomcat5-admin-webapps-5.5.28-0.5.0.2mdv2010.2.noarch.rpm a176c1651cc2d08ed8510c01622d5176 2010.1/i586/tomcat5-common-lib-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 9240df47c808e342c5bc6dcd910d85f5 2010.1/i586/tomcat5-jasper-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 6f46c2c619ec79ec43783efcf7e908c2 2010.1/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 133a8b24ec4aa7662c0145ff5303beca 2010.1/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 97eaf631f481c6431c7439755e33fde5 2010.1/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 794935023c7630d13a887b474b78bb7e 2010.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm ce72eb40ddf157064e8926eb58e2740b 2010.1/i586/tomcat5-server-lib-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 84f3460a32131aef7f663ea2c5981859 2010.1/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.2mdv2010.2.noarch.rpm f04fe3121f8b1cf579f0cc92099c364a 2010.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm ec6163a7e1ee720c01f86b7070ae1a5d 2010.1/i586/tomcat5-webapps-5.5.28-0.5.0.2mdv2010.2.noarch.rpm e480656f0abde41f97e478151a7fc71f 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.2mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 405ff9248913717a0249614e3ccdeff4 2010.1/x86_64/tomcat5-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 0500f420f913cac42c8c2398182e0b8d 2010.1/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.2mdv2010.2.noarch.rpm f796e84a6cf4dac452eaaec03b819c97 2010.1/x86_64/tomcat5-common-lib-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 3e25bb28dc6c08b2dcbd1a272d01eaec 2010.1/x86_64/tomcat5-jasper-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 07e577e2fbc57e40b944478449715240 2010.1/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 1e688aca310915303d257abaa0c55099 2010.1/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 631f812a7a32013ba301cecbeb23163d 2010.1/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 5970e0221d6d5386f04316b6805c6bfc 2010.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm f64a8611f668cd19bafb0a8884c3b998 2010.1/x86_64/tomcat5-server-lib-5.5.28-0.5.0.2mdv2010.2.noarch.rpm ba19195b485e4468780f36010c5215b5 2010.1/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.2mdv2010.2.noarch.rpm e241ad2d2ea43d6515b61a256fdbc61e 2010.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.2mdv2010.2.noarch.rpm 15718f212c8d29bdbaac81ab40afbd2a 2010.1/x86_64/tomcat5-webapps-5.5.28-0.5.0.2mdv2010.2.noarch.rpm e480656f0abde41f97e478151a7fc71f 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.2mdv2010.2.src.rpm Mandriva Enterprise Server 5: bd71ae4141fbf5a884cfbccc756c8329 mes5/i586/tomcat5-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 75b8764895d7b231901602dd0605f2e2 mes5/i586/tomcat5-admin-webapps-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 6c827ad66b01560b72c5a8c96616afaa mes5/i586/tomcat5-common-lib-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 1a2155333c323146ef3e1fbdeae96035 mes5/i586/tomcat5-jasper-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 554ec541f6857a7946a6fae67c0a2fa6 mes5/i586/tomcat5-jasper-eclipse-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 10b54ca8ebefcd816bade65dae8e408b mes5/i586/tomcat5-jasper-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 8a12958fd3040ca0f4ce23bb7a3a1bdf mes5/i586/tomcat5-jsp-2.0-api-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 320881d8a847077fc8a7d70d7d0e0a02 mes5/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 8ab623786a3479dc5e990b9949a13502 mes5/i586/tomcat5-server-lib-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm d4c53039181b378a3da1016c137ad843 mes5/i586/tomcat5-servlet-2.4-api-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 52922ac7e5b4c1a7356d5248cf264a1d mes5/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 6cf03c3b0981031f6bf7b8710990bcb0 mes5/i586/tomcat5-webapps-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm a4f9e4804454f2d628865ad654d6a188 mes5/SRPMS/tomcat5-5.5.27-0.3.0.4mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 20eee581278206c28db4e304a6756671 mes5/x86_64/tomcat5-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm d6b1d88885c03c36a84dd7703bb82bbb mes5/x86_64/tomcat5-admin-webapps-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm a04900de513cbaf5359b41b1df0e9ff3 mes5/x86_64/tomcat5-common-lib-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm c58d2e125e9c2e4de256224d64cf1d46 mes5/x86_64/tomcat5-jasper-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 7612d8a28f5e008405a282ceb265a769 mes5/x86_64/tomcat5-jasper-eclipse-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 0796bfcd6e042c1128426bb47aae03d5 mes5/x86_64/tomcat5-jasper-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 2ccd09878fd1f3ef8e4846864bd2f71e mes5/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 1b94570c1a5913fd0eefbcbee71afdc8 mes5/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm ca2608f81795ff805e34e7316799a6a7 mes5/x86_64/tomcat5-server-lib-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 37d677648216a2d5577db95f0ab9f194 mes5/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 42077f152ee121ed61cda754200f8902 mes5/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm 75657b92a4a6d94e27c3188653cad41e mes5/x86_64/tomcat5-webapps-5.5.27-0.3.0.4mdvmes5.1.noarch.rpm a4f9e4804454f2d628865ad654d6a188 mes5/SRPMS/tomcat5-5.5.27-0.3.0.4mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNXrAVmqjQ0CJFipgRAjIfAJ4yL+76n74D2G8gpFyNCGQ4s6+6GACglNTw j0b0pCkznIMqccTMYR+zW5E= =KGzB -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/