Apache Tomcat 'SingleSignOn' 远程信息泄露漏洞

CVE编号

CVE-2008-0128

利用情况

暂无

补丁情况

N/A

披露时间

2008-01-23

漏洞描述

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/28549
http://secunia.com/advisories/28552
http://secunia.com/advisories/29242
http://secunia.com/advisories/31493
http://secunia.com/advisories/33668
http://security-tracker.debian.net/tracker/CVE-2008-0128
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
http://www.debian.org/security/2008/dsa-1468
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/archive/1/500396/100/0/threaded
http://www.securityfocus.com/archive/1/500412/100/0/threaded
http://www.securityfocus.com/bid/27365
http://www.vupen.com/english/advisories/2008/0192
http://www.vupen.com/english/advisories/2009/0233
https://exchange.xforce.ibmcloud.com/vulnerabilities/39804
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff...
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957...
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098...

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	apache	tomcat	*		Up to (including) 5.5.20

CVSS3评分 5.0

• 攻击路径 网络
• 攻击复杂度 低
• 权限要求 无
• 影响范围 N/A
• 用户交互 无
• 可用性 无
• 保密性 部分地
• 完整性 无

AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-ID	漏洞类型

Exp相关链接

• https://github.com/ngyanch/4062-1

- avd.aliyun.com