Date: Wed, 13 Jun 2007 22:24:09 -0400
From: Mark Thomas <markt@apache.org.>
To: Tomcat Users List <users@tomcat.apache.org.>,
Subject: [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples
X-Enigmail-Version: 0.94.3.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CVE-2007-2449: Apache Tomcat XSS vulnerabilities in the JSP examples
Severity: low (cross-site scripting)
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 4.0.0 to 4.0.6
Tomcat 4.1.0 to 4.1.36
Tomcat 5.0.0 to 5.0.30
Tomcat 5.5.0 to 5.5.24
Tomcat 6.0.0 to 6.0.13
Description:
The JSP examples web application displays does not escape some user
provided data before including it in the output. This enables a XSS
attack.
Mitigation:
1. Undeploy the examples web application(s).
Example:
http://host:port/jsp-examples/snp/snoop.jsp;<script>alert()</script>test.jsp
Credit:
These issues were discovered by an unknown security researcher and
reported to JPCERT.
References:
http://tomcat.apache.org/security.html
Mark Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGcKbJb7IeiTPGAkMRAi9BAKDsuoomGh2n9BYl7mT/tGEjQ+HIlQCdHjnU
zdreMwViLR/bDBnys5YkhPk=
=SK7+
-----END PGP SIGNATURE-----
