Apache Tomcat JULI Logging Component Default Security Policy Vulnerability

Bugtraq ID:	27006
Class:	Access Validation Error
CVE:	CVE-2007-5342
Remote:	No
Local:	Yes
Published:	Dec 24 2007 12:00AM
Updated:	Nov 21 2009 12:07AM
Credit:	Mark Thomas discovered this issue.
Vulnerable:	WiKID Systems WiKID Server 3.0.4 VMWare VirtualCenter Management Server 2 VMWare VirtualCenter 2.0.2 VMWare VirtualCenter 2.5 VMWare vCenter 4.0 VMWare Server 2.0 VMWare ESX Server 3.0.3 VMWare ESX Server 3.0.2 VMWare ESX Server 3.0.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 S.u.S.E. SUSE Linux Enterprise Server 10 SP2 RedHat JBoss Enterprise Application Platform 4.3 EL5 RedHat JBoss Enterprise Application Platform 4.3 EL4 RedHat JBoss Enterprise Application Platform 4.2 EL5 RedHat JBoss Enterprise Application Platform 4.2 EL4 RedHat Fedora 8 0 RedHat Fedora 7 0 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server RedHat Developer Suite EL4 3 RedHat Application Server WS4 2 RedHat Application Server ES4 2 RedHat Application Server AS4 2 Pardus Linux 2008 0 MandrakeSoft Linux Mandrake 2008.1 x86_64 MandrakeSoft Linux Mandrake 2008.1 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 Gentoo www-servers/tomcat 6.0.15 Gentoo www-servers/tomcat 6.0.14 Gentoo www-servers/tomcat 6.0.13 Gentoo www-servers/tomcat 6.0.12 Gentoo www-servers/tomcat 6.0.11 Gentoo www-servers/tomcat 6.0.10 Gentoo www-servers/tomcat 6.0.9 Gentoo www-servers/tomcat 6.0.8 Gentoo www-servers/tomcat 6.0.7 Gentoo www-servers/tomcat 6.0.6 Gentoo www-servers/tomcat 6.0.5 Gentoo www-servers/tomcat 6.0.4 Gentoo www-servers/tomcat 6.0.3 Gentoo www-servers/tomcat 6.0.2 Gentoo www-servers/tomcat 6.0.1 Gentoo www-servers/tomcat 6.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Avaya Meeting Exchange - Enterprise Edition Avaya Meeting Exchange 5.0 .0.52 Avaya Meeting Exchange 5.0 Avaya AES 4.2.1 Avaya AES 4.0.1 Avaya AES 3.1.6 Avaya AES 3.1.5 Avaya AES 3.1.4 Avaya AES 3.1.3 Avaya AES 4.2 Avaya AES 4.1 Avaya AES 4.0 Avaya AES 3.1 Avaya AES 3.0 Apple Mac OS X Server 10.5.5 Apache Software Foundation Tomcat 6.0.15 Apache Software Foundation Tomcat 6.0.14 Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat 6.0.10 Apache Software Foundation Tomcat 6.0.9 Apache Software Foundation Tomcat 6.0.8 Apache Software Foundation Tomcat 6.0.7 Apache Software Foundation Tomcat 6.0.6 Apache Software Foundation Tomcat 6.0.5 Apache Software Foundation Tomcat 6.0.4 Apache Software Foundation Tomcat 6.0.3 Apache Software Foundation Tomcat 6.0.2 Apache Software Foundation Tomcat 6.0.1 Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.5.25 Apache Software Foundation Tomcat 5.5.24 Apache Software Foundation Tomcat 5.5.23 Apache Software Foundation Tomcat 5.5.22 Apache Software Foundation Tomcat 5.5.21 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.20 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 Apache Software Foundation Tomcat 5.5.19 Apache Software Foundation Tomcat 5.5.18 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.16 Apache Software Foundation Tomcat 5.5.15 Apache Software Foundation Tomcat 5.5.14 Apache Software Foundation Tomcat 5.5.13 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.9

Not Vulnerable:	WiKID Systems WiKID Server 3.0.5 VMWare vCenter 4.0 Update 1