CVE-2013-2067 Information
Description
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions which allows remote attackers to inject a request into a session by sending this request during completion of the login form a variant of a session fixation attack.
Reference
http://archives.neohapsis.com/archives/bugtraq/2013-05/0041.html http://rhn.redhat.com/errata/RHSA-2013-0833.html http://rhn.redhat.com/errata/RHSA-2013-0834.html http://rhn.redhat.com/errata/RHSA-2013-0839.html http://rhn.redhat.com/errata/RHSA-2013-0964.html http://rhn.redhat.com/errata/RHSA-2013-1437.html http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1417891&r2=1417890&pathrev=1417891 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1408044&r2=1408043&pathrev=1408044 http://svn.apache.org/viewvc?view=revision&revision=1408044 http://svn.apache.org/viewvc?view=revision&revision=1417891 http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-7.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/59799 http://www.securityfocus.com/bid/64758 http://www.ubuntu.com/usn/USN-1841-1 https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@3Cdev.tomcat.apache.org3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@3Cdev.tomcat.apache.org3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@3Cdev.tomcat.apache.org3E https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@3Cdev.tomcat.apache.org3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@3Cdev.tomcat.apache.org3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@3Cdev.tomcat.apache.org3E
Share on: