BNLug - Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability

Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability

TITLE: Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
CLASS: Input Validation Error
CVE: CVE-2007-2450

REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 12 2007 12:00AM
UPDATE: Jun 14 2007 07:19PM
CREDIT: Daiki Fukumori is credited with the discovery of this vulnerability.
VULNERABLE:

Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.7
Apache Tomcat 6.0.6
Apache Tomcat 6.0.5
Apache Tomcat 6.0.4
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.2
Apache Tomcat 5.5.1
Apache Tomcat 5.5
Apache Tomcat 5.0.30
Apache Tomcat 5.0.16
Apache Tomcat 5.0.15
Apache Tomcat 5.0.14
Apache Tomcat 5.0.13
Apache Tomcat 5.0.12
Apache Tomcat 5.0.11
Apache Tomcat 5.0.10
Apache Tomcat 5.0.3
Apache Tomcat 5.0.2
Apache Tomcat 5.0.1
Apache Tomcat 4.1.36
Apache Tomcat 4.1
Apache Tomcat 4.0.6
Apache Tomcat 4.0.5
Apache Tomcat 4.0.4
Apache Tomcat 4.0.3
Apache Tomcat 4.0.2
Apache Tomcat 4.0.1
Apache Tomcat 4.0
Apache Tomcat 5.0

NOT VULNERABLE:

Vai alla pagina originale su Security Focus

Discussion

Apache Tomcat Manager and Host Manager are prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Exploit

An attacker can trigger this vulnerability by enticing a victim user to follow a malicious URI.

Solution

Solution:
Currently we are not aware of any solutions for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

References

References:

Tomcat Homepage (Apache Software Foundation)
[CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (Mark Thomas )

Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability

Discussion

Exploit

Solution

References

PhpLog

BNLug Benevento Linux Users Group

Menu Principale

Staff

Partner

Link