Jetty Cookie Names Session Hijacking Vulnerability

Bugtraq ID: 26695
Class: Input Validation Error
CVE: CVE-2007-5614
Remote: Yes
Local: No
Published: Dec 04 2007 12:00AM
Updated: Jul 07 2008 03:30PM
Credit: Tomasz Kuczynski reported this issue.

Vulnerable:
RedHat Fedora 9 0
RedHat Fedora 8 0
Jetty Jetty 6.0.2
Jetty Jetty 6.0.1
Jetty Jetty 5.16
Jetty Jetty 5.15
Jetty Jetty 5.1.12
Jetty Jetty 5.1.11
Jetty Jetty 4.2.27
Jetty Jetty 4.2.24
Jetty Jetty 4.2.19
Jetty Jetty 4.2.18
Jetty Jetty 4.2.17
Jetty Jetty 4.2.16
Jetty Jetty 4.2.15
Jetty Jetty 4.2.14
Jetty Jetty 4.2.12
Jetty Jetty 4.2.11
Jetty Jetty 4.2.9
Jetty Jetty 4.2.7
Jetty Jetty 4.2.6
Jetty Jetty 4.2.5
Jetty Jetty 4.2.4
Jetty Jetty 4.1.1
Jetty Jetty 4.1 .0RC4
Jetty Jetty 4.1 .0
Jetty Jetty 3.1.7
  - Debian Linux 2.2 sparc
  - Debian Linux 2.2 powerpc
  - Debian Linux 2.2 IA-32
  - Debian Linux 2.2 arm
  - Debian Linux 2.2 alpha
  - Debian Linux 2.2 68k
  - MandrakeSoft Linux Mandrake 8.1
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Linux Mandrake 7.2
  - Microsoft Windows 2000 Advanced Server SP2
  - Microsoft Windows 2000 Advanced Server SP1
  - Microsoft Windows 2000 Advanced Server
  - Microsoft Windows 2000 Datacenter Server SP2
  - Microsoft Windows 2000 Datacenter Server SP1
  - Microsoft Windows 2000 Datacenter Server
  - Microsoft Windows 2000 Professional SP2
  - Microsoft Windows 2000 Professional SP1
  - Microsoft Windows 2000 Professional
  - Microsoft Windows 2000 Server SP2
  - Microsoft Windows 2000 Server SP1
  - Microsoft Windows 2000 Server
  - Microsoft Windows 2000 Terminal Services SP2
  - Microsoft Windows 2000 Terminal Services SP1
  - Microsoft Windows 2000 Terminal Services
  - Microsoft Windows 95
  - Microsoft Windows 98 SP1
  - Microsoft Windows 98
  - Microsoft Windows 98SE
  - Microsoft Windows ME
  - Microsoft Windows NT Enterprise Server 4.0 SP6a
  - Microsoft Windows NT Enterprise Server 4.0 SP6
  - Microsoft Windows NT Enterprise Server 4.0 SP5
  - Microsoft Windows NT Enterprise Server 4.0 SP4
  - Microsoft Windows NT Enterprise Server 4.0 SP3
  - Microsoft Windows NT Enterprise Server 4.0 SP2
  - Microsoft Windows NT Enterprise Server 4.0 SP1
  - Microsoft Windows NT Enterprise Server 4.0
  - Microsoft Windows NT Server 4.0 SP6a
  - Microsoft Windows NT Server 4.0 SP6
  - Microsoft Windows NT Server 4.0 SP5
  - Microsoft Windows NT Server 4.0 SP4
  - Microsoft Windows NT Server 4.0 SP3
  - Microsoft Windows NT Server 4.0 SP2
  - Microsoft Windows NT Server 4.0 SP1
  - Microsoft Windows NT Server 4.0
  - Microsoft Windows NT Terminal Server 4.0 SP6
  - Microsoft Windows NT Terminal Server 4.0 SP5
  - Microsoft Windows NT Terminal Server 4.0 SP4
  - Microsoft Windows NT Terminal Server 4.0 SP3
  - Microsoft Windows NT Terminal Server 4.0 SP2
  - Microsoft Windows NT Terminal Server 4.0 SP1
  - Microsoft Windows NT Terminal Server 4.0 alpha
  - Microsoft Windows NT Terminal Server 4.0
  - Microsoft Windows NT Workstation 4.0 SP6a
  - Microsoft Windows NT Workstation 4.0 SP6
  - Microsoft Windows NT Workstation 4.0 SP5
  - Microsoft Windows NT Workstation 4.0 SP4
  - Microsoft Windows NT Workstation 4.0 SP3
  - Microsoft Windows NT Workstation 4.0 SP2
  - Microsoft Windows NT Workstation 4.0 SP1
  - Microsoft Windows NT Workstation 4.0
  - Microsoft Windows XP Home
  - Microsoft Windows XP Professional
  - RedHat Linux 7.2 ia64
  - RedHat Linux 7.2 i386
  - RedHat Linux 7.2 alpha
  - RedHat Linux 7.1 i386
  - RedHat Linux 7.1 alpha
  - RedHat Linux 7.0 sparc
  - RedHat Linux 7.0 i386
  - RedHat Linux 7.0 alpha
  - RedHat Linux 6.2 sparc
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.2 alpha
  - S.u.S.E. Linux 7.3 sparc
  - S.u.S.E. Linux 7.3 ppc
  - S.u.S.E. Linux 7.3 i386
  - S.u.S.E. Linux 7.2 i386
  - S.u.S.E. Linux 7.1 x86
  - S.u.S.E. Linux 7.1 sparc
  - S.u.S.E. Linux 7.1 ppc
  - S.u.S.E. Linux 7.1 alpha
  - S.u.S.E. Linux 7.0 sparc
  - S.u.S.E. Linux 7.0 ppc
  - S.u.S.E. Linux 7.0 i386
  - S.u.S.E. Linux 7.0 alpha
  - Slackware Linux 8.0
  - Slackware Linux 7.1
  - Sun Solaris 8_x86
  - Sun Solaris 8
  - Sun Solaris 7.0_x86
  - Sun Solaris 7.0
  - Sun Solaris 2.6_x86
  - Sun Solaris 2.6
Jetty Jetty 3.1.6
  - Debian Linux 2.2 sparc
  - Debian Linux 2.2 powerpc
  - Debian Linux 2.2 IA-32
  - Debian Linux 2.2 arm
  - Debian Linux 2.2 alpha
  - Debian Linux 2.2 68k
  - MandrakeSoft Linux Mandrake 8.1
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Linux Mandrake 7.2
  - Microsoft Windows 2000 Advanced Server SP2
  - Microsoft Windows 2000 Advanced Server SP1
  - Microsoft Windows 2000 Advanced Server
  - Microsoft Windows 2000 Datacenter Server SP2
  - Microsoft Windows 2000 Datacenter Server SP1
  - Microsoft Windows 2000 Datacenter Server
  - Microsoft Windows 2000 Professional SP2
  - Microsoft Windows 2000 Professional SP1
  - Microsoft Windows 2000 Professional
  - Microsoft Windows 2000 Server SP2
  - Microsoft Windows 2000 Server SP1
  - Microsoft Windows 2000 Server
  - Microsoft Windows 2000 Terminal Services SP2
  - Microsoft Windows 2000 Terminal Services SP1
  - Microsoft Windows 2000 Terminal Services
  - Microsoft Windows 95
  - Microsoft Windows 98 SP1
  - Microsoft Windows 98
  - Microsoft Windows 98SE
  - Microsoft Windows ME
  - Microsoft Windows NT Enterprise Server 4.0 SP6a
  - Microsoft Windows NT Enterprise Server 4.0 SP6
  - Microsoft Windows NT Enterprise Server 4.0 SP5
  - Microsoft Windows NT Enterprise Server 4.0 SP4
  - Microsoft Windows NT Enterprise Server 4.0 SP3
  - Microsoft Windows NT Enterprise Server 4.0 SP2
  - Microsoft Windows NT Enterprise Server 4.0 SP1
  - Microsoft Windows NT Enterprise Server 4.0
  - Microsoft Windows NT Server 4.0 SP6a
  - Microsoft Windows NT Server 4.0 SP6
  - Microsoft Windows NT Server 4.0 SP5
  - Microsoft Windows NT Server 4.0 SP4
  - Microsoft Windows NT Server 4.0 SP3
  - Microsoft Windows NT Server 4.0 SP2
  - Microsoft Windows NT Server 4.0 SP1
  - Microsoft Windows NT Server 4.0
  - Microsoft Windows NT Terminal Server 4.0 SP6
  - Microsoft Windows NT Terminal Server 4.0 SP5
  - Microsoft Windows NT Terminal Server 4.0 SP4
  - Microsoft Windows NT Terminal Server 4.0 SP3
  - Microsoft Windows NT Terminal Server 4.0 SP2
  - Microsoft Windows NT Terminal Server 4.0 SP1
  - Microsoft Windows NT Terminal Server 4.0 alpha
  - Microsoft Windows NT Terminal Server 4.0
  - Microsoft Windows NT Workstation 4.0 SP6a
  - Microsoft Windows NT Workstation 4.0 SP6
  - Microsoft Windows NT Workstation 4.0 SP5
  - Microsoft Windows NT Workstation 4.0 SP4
  - Microsoft Windows NT Workstation 4.0 SP3
  - Microsoft Windows NT Workstation 4.0 SP2
  - Microsoft Windows NT Workstation 4.0 SP1
  - Microsoft Windows NT Workstation 4.0
  - Microsoft Windows XP Home
  - Microsoft Windows XP Professional
  - RedHat Linux 7.2 ia64
  - RedHat Linux 7.2 i386
  - RedHat Linux 7.2 alpha
  - RedHat Linux 7.1 i386
  - RedHat Linux 7.1 alpha
  - RedHat Linux 7.0 sparc
  - RedHat Linux 7.0 i386
  - RedHat Linux 7.0 alpha
  - RedHat Linux 6.2 sparc
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.2 alpha
  - S.u.S.E. Linux 7.3 sparc
  - S.u.S.E. Linux 7.3 ppc
  - S.u.S.E. Linux 7.3 i386
  - S.u.S.E. Linux 7.2 i386
  - S.u.S.E. Linux 7.1 x86
  - S.u.S.E. Linux 7.1 sparc
  - S.u.S.E. Linux 7.1 ppc
  - S.u.S.E. Linux 7.1 alpha
  - S.u.S.E. Linux 7.0 sparc
  - S.u.S.E. Linux 7.0 ppc
  - S.u.S.E. Linux 7.0 i386
  - S.u.S.E. Linux 7.0 alpha
  - Slackware Linux 8.0
  - Slackware Linux 7.1
  - Sun Solaris 8_x86
  - Sun Solaris 8
  - Sun Solaris 7.0_x86
  - Sun Solaris 7.0
  - Sun Solaris 2.6_x86
  - Sun Solaris 2.6
Jetty Jetty 6.1.5
Jetty Jetty 6.1.4
Jetty Jetty 6.1.3
Jetty Jetty 6.1.2
Jetty Jetty 6.1.1
Jetty Jetty 6.1.0pre3
Jetty Jetty 6.1.0pre2

Not Vulnerable:
Jetty Jetty 6.1.6