Apache Tomcat DIGEST Authentication Multiple Security Weaknesses

Bugtraq ID: 56403
Class: Unknown
CVE: CVE-2012-5885
CVE-2012-5886
CVE-2012-5887
Remote: Yes
Local: No
Published: Nov 06 2012 12:00AM
Updated: Apr 13 2015 09:21PM
Credit: Tilmann Kuhn and Tomcat Security Team
Vulnerable: VMWare vCenter Server 5.1
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Redhat JBoss Enterprise Web Server EL6 2.0
Redhat JBoss Enterprise Web Server EL5 2.0
Redhat Jboss Enterprise Soa Platform 5.3.1
Redhat JBoss Enterprise Application Platform 6 EL6
Redhat JBoss Enterprise Application Platform 6 EL5
Redhat JBoss Data Grid 6.0.1
Redhat JBoss BRMS 5.3.1
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Juniper Network and Security Manager (NSM) 2012.2
Juniper Network and Security Manager (NSM) 2012.1
Juniper Network and Security Manager (NSM) 2011.4
Juniper Network and Security Manager (NSM) 2010.3
IBM Rational Team Concert 4.0.1
IBM Rational Team Concert 4.0
IBM Rational Requirements Composer 4.0.1
IBM Rational Requirements Composer 4.0
IBM Rational Collaborative Lifecycle Management Solution 4.0.1
IBM Rational Collaborative Lifecycle Management Solution 4.0
HP HP-UX Web Server Suite 3.22
HP HP-UX Web Server Suite 3.21
HP HP-UX Web Server Suite 3.18
HP HP-UX Web Server Suite 3.17
HP HP-UX B.11.31
HP HP-UX B.11.23
Gentoo Linux
CTERA Networks CTERA Portal 3.1
CentOS CentOS 6
CentOS CentOS 5
Avaya one-X Client Enablement Service 6.1 SP2
Avaya one-X Client Enablement Service 6.1 Sp1
Avaya one-X Client Enablement Service 6.1
Avaya one-X Client Enablement Service 6.0 SP3
Avaya one-X Client Enablement Service 6.0 SP2
Avaya one-X Client Enablement Service 6.0 SP1
Avaya Aura System Manager 6.2.3
Avaya Aura System Manager 6.2 SP3
Avaya Aura System Manager 6.2
Avaya Aura System Manager 6.1.5
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1 SP2
Avaya Aura System Manager 6.1 Sp1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.24
Apache Tomcat 7.0.23
Apache Tomcat 7.0.16
Apache Tomcat 7.0.15
Apache Tomcat 7.0.14
Apache Tomcat 7.0.13
Apache Tomcat 7.0.12
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0
Apache Tomcat 6.0.35
Apache Tomcat 6.0.29
Apache Tomcat 6.0.28
Apache Tomcat 6.0.27
Apache Tomcat 6.0.26
Apache Tomcat 6.0.25
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.18
Apache Tomcat 6.0.17
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0
Apache Tomcat 5.5.35
Apache Tomcat 5.5.34
Apache Tomcat 5.5.32
Apache Tomcat 5.5.30
Apache Tomcat 5.5.29
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.26
Apache Tomcat 5.5.25
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.3
Apache Tomcat 5.5.2
Apache Tomcat 5.5.1
Apache Tomcat 5.5
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.19
Apache Tomcat 7.0.18
Apache Tomcat 7.0.17
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 6.0.33
Apache Tomcat 6.0.32
Apache Tomcat 6.0.31
Apache Tomcat 6.0.30
Apache Tomcat 5.5.33
Apache Tomcat 0
Not Vulnerable: VMWare vCenter Server 5.1 Update 1
Redhat JBoss Enterprise Application Platform 6.0.1
Redhat JBoss Data Grid 6.1
CTERA Networks CTERA Portal 3.2.28
CTERA Networks CTERA Portal 3.1.39
Avaya one-X Client Enablement Service 6.1 SP3
Avaya Aura System Manager 6.3
Apache Tomcat 7.0.30
Apache Tomcat 6.0.36
Apache Tomcat 5.5.36


 

Privacy Statement
Copyright 2010, SecurityFocus