CVE-2007-0774: overflow in URI handler

Bug #90967 reported by Kees Cook
Affects: tomcat5.5 (Ubuntu)
Status: Invalid
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: tomcat5.5

Only feisty is vulnerable (tomcat5.5 5.5.20), according to:

http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

"CVE-2007-0774: A denial of service and critical remote code execution vulnerability. Caused by buffer overflow in map_uri_to_worker() when URLs were longer than 4095 bytes. Reported by ZDI (www.zerodayintiative.com). Please note this issue only affected versions 1.2.19 and 1.2.20 of the Apache Tomcat JK Web Server Connector and not previous versions. Tomcat 5.5.20 and Tomcat 4.1.34 included a vulnerable version in their source packages. Other versions of Tomcat were not affected."

Michael Koch (konqueror) wrote:

Thanks for reporting this bug. The connectors are not built from the tomcat5.5 package in Ubuntu. They are built from a separate source package, libapache-mod-jk. No Ubuntu distribution contains version 1.2.19 or 1.2.20 of the connectors. Feisty ships 1.2.18. Gutsy will ship at least 1.2.23. Closing this bug as invalid.

Changed in tomcat5.5:
status: New → Invalid