[USN-899-1] Tomcat vulnerabilities

Marc Deslauriers marc.deslauriers at canonical.com
Thu Feb 11 19:28:04 UTC 2010


===========================================================
Ubuntu Security Notice USN-899-1          February 11, 2010
tomcat6 vulnerabilities
CVE-2009-2693, CVE-2009-2901, CVE-2009-2902
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libtomcat6-java                 6.0.18-0ubuntu3.3

Ubuntu 9.04:
  libtomcat6-java                 6.0.18-0ubuntu6.2

Ubuntu 9.10:
  libtomcat6-java                 6.0.20-2ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Tomcat did not correctly validate WAR filenames or
paths when deploying. A remote attacker could send a specially crafted WAR
file to be deployed and cause arbitrary files and directories to be
created, overwritten, or deleted.


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.3.diff.gz
      Size/MD5:    26616 15947847c9ba6bca5b4c7c30280c0fb8
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.3.dsc
      Size/MD5:     1379 86363fde24b72d18e84ef451312646b1
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz
      Size/MD5:  3484249 9bdbb1c1d79302c80057a70b18fe6721

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:   174352 069180c1a5572ce1f6fa93bcccb5d416
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:  2963632 cc3ccccd2a204091802013ba3ed1a14b
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:    37574 0338b8f2dae4792fa115d748ad6ef0c4
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:    53718 28ea7eeff8f52e7999e79753241b5764
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:   714470 0f4e4e92a9c8299c09aa701e2234a299
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:   419384 ee04dfb73fd622f9da2b29dabcc63062
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:    18856 82a444d0784a9de1792acefa4e422819
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.3_all.deb
      Size/MD5:    24418 4cde466df88b81d842874504669c5ed5

Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.2.diff.gz
      Size/MD5:    29144 b204c293225729248eb147a84d120c05
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.2.dsc
      Size/MD5:     1412 21a10f9c437e9edffb7baae80196a3da
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz
      Size/MD5:  3484249 9bdbb1c1d79302c80057a70b18fe6721

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:   246472 867519558398828a41a2cfb74f59fbf8
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:   172726 fdf61235de74397f6cdaef0e1c75efff
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:  2848098 f2b6718e0e25cab22a7dd9cbf2f2d920
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:    38086 61d1f99bfadee394356ba09955af203f
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:    53422 1ba93e5960666a8c380a0091e3d0062e
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:   714374 0a82b6b46ba6fa3a4d2e1a22e7e802d0
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:   418550 4eb0f440623adab18796f907478c6ffc
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:    20832 ba5f382e9a3423bf32a28c7aae1af22f
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.2_all.deb
      Size/MD5:    25210 09ce858a43d1d5eafc3be8c74df7f4eb

Updated packages for Ubuntu 9.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.1.diff.gz
      Size/MD5:    24200 0301e8b6886eed5acfe1135262564354
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.1.dsc
      Size/MD5:     1564 9c02cfcdbf44123e1d1f669c23256109
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20.orig.tar.gz
      Size/MD5:  3590562 44f49e7e14028b6a53c3c346bd18c72f

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:   247082 f1b8ce2ec306f55eb10eaf3dfb554ba4
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:   182942 987d4d34f2a24645372d44a2132d61a4
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:  2914180 850bbadb3973c1cac0a5764286054a0c
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:    38746 069812c70cb608a1b97d51e2a22b746c
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:    36530 e6f95590d1998a7d9f05c87f65ddcca6
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:   479894 0cf8923ff34c688300b61f7e15852f05
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:   418982 b75582d62de99c7f610f89dc87c19814
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:    21602 dfb3677e4ea5df88905a30b3b9268857
    http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.20-2ubuntu2.1_all.deb
      Size/MD5:    25988 b4898543c09f3f35c0b4e835a95cc11c



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20100211/edf7ef41/attachment.sig>


More information about the ubuntu-security-announce mailing list