Apache Tomcat JULI Logging Component Default Security Policy Vulnerability

Bugtraq ID:	27006
Class:	Access Validation Error
CVE:	CVE-2007-5342
Remote:	No
Local:	Yes
Published:	Dec 24 2007 12:00AM
Updated:	Jun 17 2008 04:52PM
Credit:	Mark Thomas discovered this issue.
Vulnerable:	VMWare VirtualCenter Management Server 2 VMWare ESX Server 3.0.2 VMWare ESX Server 3.0.1 VMWare ESX Server 3.5 RedHat Fedora 8 0 RedHat Fedora 7 0 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server RedHat Developer Suite EL4 3 Gentoo www-servers/tomcat 6.0.15 Gentoo www-servers/tomcat 6.0.14 Gentoo www-servers/tomcat 6.0.13 Gentoo www-servers/tomcat 6.0.12 Gentoo www-servers/tomcat 6.0.11 Gentoo www-servers/tomcat 6.0.10 Gentoo www-servers/tomcat 6.0.9 Gentoo www-servers/tomcat 6.0.8 Gentoo www-servers/tomcat 6.0.7 Gentoo www-servers/tomcat 6.0.6 Gentoo www-servers/tomcat 6.0.5 Gentoo www-servers/tomcat 6.0.4 Gentoo www-servers/tomcat 6.0.3 Gentoo www-servers/tomcat 6.0.2 Gentoo www-servers/tomcat 6.0.1 Gentoo www-servers/tomcat 6.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Apache Software Foundation Tomcat 6.0.15 Apache Software Foundation Tomcat 6.0.14 Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat 6.0.10 Apache Software Foundation Tomcat 6.0.9 Apache Software Foundation Tomcat 6.0.8 Apache Software Foundation Tomcat 6.0.7 Apache Software Foundation Tomcat 6.0.6 Apache Software Foundation Tomcat 6.0.5 Apache Software Foundation Tomcat 6.0.4 Apache Software Foundation Tomcat 6.0.3 Apache Software Foundation Tomcat 6.0.2 Apache Software Foundation Tomcat 6.0.1 Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.5.25 Apache Software Foundation Tomcat 5.5.24 Apache Software Foundation Tomcat 5.5.23 Apache Software Foundation Tomcat 5.5.22 Apache Software Foundation Tomcat 5.5.21 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.20 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 Apache Software Foundation Tomcat 5.5.19 Apache Software Foundation Tomcat 5.5.18 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.16 Apache Software Foundation Tomcat 5.5.15 Apache Software Foundation Tomcat 5.5.14 Apache Software Foundation Tomcat 5.5.13 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.9

Not Vulnerable: