-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:188
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : tomcat5
 Date    : September 5, 2008
 Affected: 2008.0, 2008.1
 _______________________________________________________________________

 Problem Description:

 A number of vulnerabilities have been discovered in the Apache
 Tomcat server:
 
 The default catalina.policy in the JULI logging component did not
 restrict certain permissions for web applications which could allow a
 remote attacker to modify logging configuration options and overwrite
 arbitrary files (CVE-2007-5342).
 
 A cross-site scripting vulnerability was found in the
 HttpServletResponse.sendError() method which could allow a remote
 attacker to inject arbitrary web script or HTML via forged HTTP headers
 (CVE-2008-1232).
 
 A cross-site scripting vulnerability was found in the host manager
 application that could allow a remote attacker to inject arbitrary
 web script or HTML via the hostname parameter (CVE-2008-1947).
 
 A traversal vulnerability was found when using a RequestDispatcher in
 combination with a servlet or JSP that could allow a remote attacker
 to utilize a specially-crafted request parameter to access protected
 web resources (CVE-2008-2370).
 
 A traversal vulnerability was found when the 'allowLinking' and
 'URIencoding' settings were actived which could allow a remote attacker
 to use a UTF-8-encoded request to extend their privileges and obtain
 local files accessible to the Tomcat process (CVE-2008-2938).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 56ca5eb3e331c6675634a5e3f3c5afd7  2008.0/i586/tomcat5-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 a1c688654decf045f80fb6d8978c73fa  2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 2b7a97313ece05bbd5596045853cfca0  2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 e8384332efad0e2317a646241bece6ee  2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 a30cc8061f55f2613c517574263cdd21  2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 4f4a12c8479f27c7f9ed877f5821afa3  2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 ced904c459478c1123ed5da41dddbd7f  2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 183e045a9b44747c7a4adaec5c860441  2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 78af5a5788ac359a99a24f03a39c7b94  2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 8e8569bfab5abef912299b9b751e49e9  2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm
 6899c327906423cdd02b930221c2496e  2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 
 39fd3985d73f2f20efe4ed97c2a5e7c7  2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 c4d1c4471c29d8cd34adb9f2002ef294  2008.0/x86_64/tomcat5-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 2caf09173a64a378636496196d99756f  2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 d6a9a290638267a1117a55041986d31a  2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 2eead87d72af58ddc9e934b55e49a1aa  2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 0fab26f89e83c882c5948a430bf82c8b  2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 833334424b555a77e2a9951b71ed8fa3  2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 115561d6233c3890cf3b85a7599ed03b  2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 eccf76ede6fb9256a2b52c861a9b0bb3  2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 cd9df1a8a1a5cb3216221bdefdfe8476  2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 f7440a4111ec2fd30fa32e4bd74a0a20  2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm
 1464eb297888c4df98d8b7eabe7f0197  2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 
 39fd3985d73f2f20efe4ed97c2a5e7c7  2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 594abdc70bc430657eb831520926c73f  2008.1/i586/tomcat5-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 bdec2b83b4fdb4d10a01a65fbdac512d  2008.1/i586/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 3dbc007722996d1c36f31642f80b5c2a  2008.1/i586/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 04b23d162d13f84d1d8707646ea9148c  2008.1/i586/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 602bf7d4ff261e8af20d50b9e76634bb  2008.1/i586/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 0066e7519a2d3478f0a3e70bd95a7e5b  2008.1/i586/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 1ba4743762cfa4594a27f0393de47823  2008.1/i586/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 262f2a39b800562cef36d724ce3efa35  2008.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 b9f2af35a734d0e3a2d9bfe292aaced1  2008.1/i586/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 8307ef374c5b995feac394b6f27474d5  2008.1/i586/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 3f4692170c35f992defcb4111a8133cd  2008.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm
 02b9d28af879b825754eff6199bf1788  2008.1/i586/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 
 2621d41df35e895a1ed0ed471f93f211  2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 6b1e03e5206eb262970198dccba7d0a3  2008.1/x86_64/tomcat5-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 930cf38058a0f8902e2741c6512e0aa0  2008.1/x86_64/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 c527521cb93bab31df3f91422faf02a6  2008.1/x86_64/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 f8bef98047ef956c8e4c0f877155e1f1  2008.1/x86_64/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 97a8a59178259d26838ce20c176c459a  2008.1/x86_64/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 3bb885debc8576bd305c9fa4c9d25bfb  2008.1/x86_64/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 66dcf08e163fdaaf81992a7d25d84a20  2008.1/x86_64/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 dd92aab81bf4c75ab30b9b82153b24c0  2008.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 517ed776282d089dd84f81d47104f660  2008.1/x86_64/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 83d4bb973b7fec461e812d74541a5949  2008.1/x86_64/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 cbdd58e1c9e1e8f0089af055abbd85e0  2008.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm
 cbee0f1f720269f77a66e30709ecd7ae  2008.1/x86_64/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 
 2621d41df35e895a1ed0ed471f93f211  2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIwYsKmqjQ0CJFipgRApJjAKCVZ1XtEGoADQcp8l/m1ECSRstnjACg4qE8
j+sCdAEJN0CXvurmFcjUvNU=
=+kFf
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/