CVE-2007-6286 - RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Publication

2008-02-12

Last modification

2019-03-25

Summary

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.

Description

Apache Tomcat is prone to a security vulnerability that will compromise data integrity when the native APR connector is used.Successful exploits will allow attackers to trigger handling of a duplicate copy of one of the recent requestsreceived by the vulnerable server.Apache Tomcat 5.5.11 to 5.5.25 and 6.0.0 to 6.0.15 are vulnerable.

Solution

Updates are available. Please see the references for more information.

Exploit

Attackers can use standard tools to exploit this issue.

Risk level (CVSS AV:N/AC:M/Au:N/C:N/I:P/A:N)

Medium

4.3

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Vendor comments

  • Joshua Bressers - Red Hat (2008-04-17)
    Not Vulnerable. Red Hat does not ship a version of Apache Tomcat that enables the native APR connector.

Affected Products

External references