Apache Tomcat JULI Logging Component Default Security Policy Vulnerability

Bugtraq ID: 27006
Class: Access Validation Error
CVE: CVE-2007-5342
Remote: No
Local: Yes
Published: Dec 24 2007 12:00AM
Updated: Apr 13 2015 10:01PM
Credit: Mark Thomas discovered this issue.
Vulnerable: WiKID Systems WiKID Server 3.0.4
VMWare VirtualCenter Management Server 2
VMWare VirtualCenter 2.0.2
VMWare VirtualCenter 2.5 Update 5
VMWare VirtualCenter 2.5 Update 2
VMWare VirtualCenter 2.5 Update 1
VMWare VirtualCenter 2.5
VMWare VirtualCenter 2.0.2 Update 5
VMWare VirtualCenter 2.0.2 Update 4
VMWare VirtualCenter 2.0.2 Update 3
VMWare VirtualCenter 2.0.2 Update 2
VMWare VirtualCenter 2.0.2 Update 1
VMWare vCenter 4.0
VMWare Server 2.0.2
VMWare Server 2.0.1
VMWare Server 2.0
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
VMWare ESX Server 4.0
VMWare ESX Server 3.5
SuSE SUSE Linux Enterprise Server 10 SP2
Sun Solaris 10
Redhat JBoss Enterprise Application Platform 4.3 EL5
Redhat JBoss Enterprise Application Platform 4.3 EL4
Redhat JBoss Enterprise Application Platform 4.2 EL5
Redhat JBoss Enterprise Application Platform 4.2 EL4
Redhat Fedora 7
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Redhat Developer Suite EL4 3
Redhat Application Server WS4 2
Redhat Application Server ES4 2
Redhat Application Server AS4 2
Pardus Linux 2008 0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
HP XP P9000 Performance Advisor 5.4.1
Gentoo www-servers/tomcat 6.0.15
Gentoo www-servers/tomcat 6.0.14
Gentoo www-servers/tomcat 6.0.13
Gentoo www-servers/tomcat 6.0.12
Gentoo www-servers/tomcat 6.0.11
Gentoo www-servers/tomcat 6.0.10
Gentoo www-servers/tomcat 6.0.9
Gentoo www-servers/tomcat 6.0.8
Gentoo www-servers/tomcat 6.0.7
Gentoo www-servers/tomcat 6.0.6
Gentoo www-servers/tomcat 6.0.5
Gentoo www-servers/tomcat 6.0.4
Gentoo www-servers/tomcat 6.0.3
Gentoo www-servers/tomcat 6.0.2
Gentoo www-servers/tomcat 6.0.1
Gentoo www-servers/tomcat 6.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Avaya Meeting Exchange - Enterprise Edition
Avaya Meeting Exchange 5.0 .0.52
Avaya Meeting Exchange 5.0
Avaya Aura Application Enablement Services 4.2.1
Avaya Aura Application Enablement Services 4.0.1
Avaya Aura Application Enablement Services 3.1.6
Avaya Aura Application Enablement Services 3.1.5
Avaya Aura Application Enablement Services 3.1.4
Avaya Aura Application Enablement Services 3.1.3
Avaya Aura Application Enablement Services 4.2
Avaya Aura Application Enablement Services 4.1
Avaya Aura Application Enablement Services 4.0
Avaya Aura Application Enablement Services 3.1
Avaya Aura Application Enablement Services 3.0
Apple Mac OS X Server 10.5.5
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.7
Apache Tomcat 6.0.6
Apache Tomcat 6.0.5
Apache Tomcat 6.0.4
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0
Apache Tomcat 5.5.25
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.9
Not Vulnerable: WiKID Systems WiKID Server 3.0.5
VMWare VirtualCenter 2.5 Update 6
VMWare vCenter 4.0 Update 1
HP XP P9000 Performance Advisor 5.5.1


 

Privacy Statement
Copyright 2010, SecurityFocus