CVE-2011-2526 Information

Description

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.

Reference

http://marc.info/?l=bugtraq&m=132215163318824&w=2
http://marc.info/?l=bugtraq&m=133469267822771&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://osvdb.org/73797
http://osvdb.org/73798
http://rhn.redhat.com/errata/RHSA-2012-0074.html
http://rhn.redhat.com/errata/RHSA-2012-0075.html
http://rhn.redhat.com/errata/RHSA-2012-0076.html
http://rhn.redhat.com/errata/RHSA-2012-0077.html
http://rhn.redhat.com/errata/RHSA-2012-0078.html
http://rhn.redhat.com/errata/RHSA-2012-0325.html
http://secunia.com/advisories/45232
http://secunia.com/advisories/48308
http://secunia.com/advisories/57126
http://svn.apache.org/viewvc?view=revision&revision=1145383
http://svn.apache.org/viewvc?view=revision&revision=1145571
http://svn.apache.org/viewvc?view=revision&revision=1145694
http://svn.apache.org/viewvc?view=revision&revision=1146005
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.debian.org/security/2012/dsa-2401
http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
http://www.securityfocus.com/archive/1/518889/100/0/threaded
http://www.securityfocus.com/bid/48667
http://www.securitytracker.com/id?1025788
https://bugzilla.redhat.com/show_bug.cgi?id=720948
https://exchange.xforce.ibmcloud.com/vulnerabilities/68541
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19514