
Two More Important Vulnerabilities Disclosed in Tomcat

Published: 26 September 2023

Two new important vulnerabilities have been disclosed in Tomcat. They are:

CVE Apache Tomcat Information disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:

◆ Tomcat to

◆ Tomcat to

◆ Earlier versions are not affected

Description:

For performance reasons, information parsed from a request is often cached in two places: the internal request object and the internal processor object. These objects are not recycled at exactly the same time. When certain errors occur that need to be added to the access log, the access logging process triggers the repopulation of the request object after it has been recycled. However, the request object was not recycled again before being used for the next request. That led to information leakage (e.g. remote IP address, HTTP headers) from the previous request to the next request.

The issue was resolved by ensuring that the request and response objects were recycled after being repopulated to generate the necessary access log entries.

Mitigation:

◆ Tomcat x users should upgrade to or later

◆ Tomcat x users should upgrade to or later
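The recycle-then-repopulate sequence described in the first advisory, as a simplified Java model added here (it is not Tomcat's own code; the Request and Processor classes and the header values are constructed for illustration): the access logger repopulates a request object that was already recycled, and only the fixed path recycles it again before the next request reuses it.

```java
import java.util.ArrayList;
import java.util.List;

public class RecycledRequestDemo {
    // Pooled request object; recycle() must clear all per-request state.
    static final class Request {
        final List<String> headers = new ArrayList<>();
        void recycle() { headers.clear(); }
        void populate(List<String> hdrs) { headers.addAll(hdrs); }
    }

    // The processor keeps its own copy of the parsed headers; the two objects
    // are not recycled at the same moment, as the advisory describes.
    static final class Processor {
        final Request request = new Request();
        List<String> cachedHeaders = List.of();

        // Normal flow: populate, handle, recycle. Returns what the handler saw.
        List<String> service(List<String> hdrs) {
            request.populate(hdrs);
            cachedHeaders = hdrs;
            List<String> seen = new ArrayList<>(request.headers);
            request.recycle();
            return seen;
        }

        // Error path: the access logger needs the data after recycle(), so it
        // repopulates the request; without the fix nothing recycles it again.
        String logError(boolean recycleAfterLogging) {
            request.populate(cachedHeaders);
            String line = "access log: " + request.headers;
            if (recycleAfterLogging) request.recycle(); // the advisory's fix
            return line;
        }
    }

    // Headers the second request observes; the first request's headers leak in without the fix.
    static List<String> headersSeenBySecondRequest(boolean fixed) {
        Processor p = new Processor();
        p.service(List.of("Cookie: session=first"));        // constructed sample
        p.logError(fixed);
        return p.service(List.of("Host: example.test"));   // constructed sample
    }

    public static void main(String[] args) {
        System.out.println("vulnerable: " + headersSeenBySecondRequest(false));
        System.out.println("fixed:      " + headersSeenBySecondRequest(true));
    }
}
```

The vulnerable path returns both the first request's Cookie header and the second request's Host header; the fixed path returns only the Host header.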

CVE Apache Tomcat Denial of Service

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:

◆ Tomcat to

◆ Tomcat to

◆ Tomcat to

◆ Earlier unsupported versions may also be affected

Description:

Analysis of the recent hash collision vulnerability identified unrelated inefficiencies in Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used, which in turn could create a denial of service.

The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values.

Mitigation:

Users of affected versions should apply one of the following mitigations:

◆ Tomcat x users should upgrade to or later

◆ Tomcat x users should upgrade to or later

◆ Tomcat x users should upgrade to or later
