
Symantec Endpoint Vulnerable to Remote Information Disclosure?

Created: 21 Feb 2008 • Updated: 02 Mar 2009

I submitted a case to Symantec on Feb 11th.  Has anyone tried to patch Tomcat on their server to fix this vulnerability?

Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
Bugtraq ID: 27706
CVE: CVE-2007-5333 (Candidate)
Published: Feb 09 2008
Last Update: 02/09/2008 6:05:10 PM GMT
Remote: Yes
Local: No
Credibility: Vendor Confirmed
Classification: Input Validation Error
Ease: Exploit Available
Apache Tomcat is prone to an information-disclosure vulnerability; fixes
are available.

Impact
------
Attackers can exploit this issue to access sensitive information that may
aid in further attacks.

Technical Description
---------------------
Apache Tomcat is a Java-based webserver application for multiple
operating systems.

Apache Tomcat is prone to an information-disclosure vulnerability because
it fails to adequately sanitize user-supplied data.

Specifically, the application fails to properly handle cookie data
containing quotes or %5C within a cookie value. When the application
tries to process these cookie values, it incorrectly interprets them as
delimiters, potentially disclosing information to attackers.

Attackers can exploit this issue to access potentially sensitive data
that may aid in further attacks.

Versions prior to Apache Tomcat 6.0.16 and 5.5.26 are vulnerable.

This vulnerability is due to an incomplete fix for BID 25316 (Apache
Tomcat Multiple Remote Information Disclosure Vulnerabilities
(CVE-2007-3385)).
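To make the advisory's point concrete for anyone checking their own servers, here is an added illustration (not Tomcat's code and not part of the original post) of the parsing mistake the advisory describes: a naive Cookie-header tokenizer that treats quotes and semicolons as plain delimiters, next to a quoted-string-aware parser in the style of RFC 2109, where a double quote opens a value and a backslash escapes the next character (the advisory's `%5C` is the URL-encoded form of that backslash). The sample header, the cookie names and the `tomcat_is_fixed` helper are constructed for this example; the version thresholds in that helper are the ones the advisory states (6.0.16 and 5.5.26).

```python
"""Cookie-header parsing: naive delimiter splitting versus quoted-string-aware
parsing. Added illustration only; neither parser is Tomcat's implementation."""

from typing import Dict, List, Optional, Tuple

# Constructed sample header (not from the advisory). The "pref" value is a
# quoted string holding an escaped quote and a semicolon: a"b;x
SAMPLE_HEADER = 'JSESSIONID=ABC123; pref="a\\"b;x"; theme=dark'


def parse_naive(header: str) -> Dict[str, str]:
    """Split on ';' and '=' only, ignoring quoting rules.

    A quote or backslash inside a value shifts the apparent delimiters, so
    values are truncated and stray fragments are dropped or mis-assigned.
    This mimics the *class* of defect the advisory describes, not Tomcat's
    exact code path.
    """
    cookies: Dict[str, str] = {}
    for piece in header.split(";"):
        if "=" not in piece:
            continue  # fragment produced by a mis-split; silently lost
        name, value = piece.split("=", 1)
        cookies[name.strip()] = value.strip().strip('"')
    return cookies


def parse_quoted_aware(header: str) -> Dict[str, str]:
    """Parse a Cookie header honouring RFC 2109 quoted-string values.

    Inside a quoted value, ';' is data and '\\' escapes the next character,
    so an embedded quote or backslash never terminates the value early.
    """
    cookies: Dict[str, str] = {}
    i, n = 0, len(header)
    while i < n:
        while i < n and header[i] in "; \t":
            i += 1  # skip separators and whitespace
        if i >= n:
            break
        start = i
        while i < n and header[i] not in "=;":
            i += 1
        name = header[start:i].strip()
        value = ""
        if i < n and header[i] == "=":
            i += 1
            while i < n and header[i] in " \t":
                i += 1
            if i < n and header[i] == '"':
                i += 1  # opening quote
                buf: List[str] = []
                while i < n and header[i] != '"':
                    if header[i] == "\\" and i + 1 < n:
                        i += 1  # escaped character: keep it literally
                    buf.append(header[i])
                    i += 1
                i += 1  # closing quote (or end of input if unterminated)
                value = "".join(buf)
            else:
                start = i
                while i < n and header[i] != ";":
                    i += 1
                value = header[start:i].strip()
        if name:
            cookies[name] = value
    return cookies


def tomcat_is_fixed(version: str) -> Optional[bool]:
    """True if a Tomcat version is at or past the advisory's fixed releases.

    Returns None for branches the advisory does not cover (e.g. 4.x), so the
    caller does not mistake 'not mentioned' for 'safe'.
    """
    parts: Tuple[int, ...] = tuple(int(p) for p in version.split("."))
    fixed = {6: (6, 0, 16), 5: (5, 5, 26)}  # thresholds stated in the advisory
    if parts[0] not in fixed:
        return None
    return parts >= fixed[parts[0]]


if __name__ == "__main__":
    print("naive:       ", parse_naive(SAMPLE_HEADER))
    print("quoted-aware:", parse_quoted_aware(SAMPLE_HEADER))
    for v in ("5.5.25", "5.5.26", "6.0.15", "6.0.16"):
        print(v, "fixed" if tomcat_is_fixed(v) else "affected")
```

Run against the sample header, the naive parser returns `pref` truncated at the escaped quote and drops the `x"` fragment entirely, while the quoted-string-aware parser recovers `a"b;x` and leaves the neighbouring `JSESSIONID` and `theme` cookies intact. The `tomcat_is_fixed` helper only answers the question the advisory answers; anything outside the 5.5 and 6.0 branches is reported as unknown rather than fixed.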