Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses

Bugtraq ID: 49762
Class: Unknown
CVE: CVE-2011-1184
CVE-2011-5062
CVE-2011-5063
CVE-2011-5064
Remote: Yes
Local: No
Published: Sep 26 2011 12:00AM
Updated: Apr 13 2015 09:54PM
Credit: Reported by the vendor
Vulnerable: Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server for VMware 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1
SuSE Manager (for SLE 11 SP1) 1.2
Sun Solaris 10
S.u.S.E. openSUSE 11.4
Redhat JBoss Enterprise Web Server for RHEL 6 1.0
Redhat JBoss Enterprise Web Server for RHEL 5 Server 1.0
Redhat JBoss Enterprise Application Platform for RHEL 6 Server 5
Redhat JBoss Enterprise Application Platform for RHEL 5 Server 5
Redhat JBoss Enterprise Application Platform for RHEL 4ES 5
Redhat JBoss Enterprise Application Platform for RHEL 4AS 5
Redhat JBoss Communications Platform 5.1.2
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM Storwize V7000 Unified 1.3.2 0
IBM Storwize V7000 Unified 1.3.1.0
IBM Storwize V7000 Unified 1.3.0.5
IBM Storwize V7000 Unified 1.3.0.0
IBM Rational Policy Tester 8.5.0.1
IBM Rational Policy Tester 8.5
IBM Rational Policy Tester 8.0
IBM Rational AppScan Enterprise 8.6
IBM Rational AppScan Enterprise 8.5.0.1
IBM Rational AppScan Enterprise 8.0.1.1
IBM Rational AppScan Enterprise 8.0.1
IBM Rational AppScan Enterprise 8.0.0.1
IBM Rational AppScan Enterprise 8.0.0
HP XP P9000 Performance Advisor 5.4.1
HP OpenVMS Secure Web Server 7.3 -2
HP OpenVMS Secure Web Server 7.3 -1
HP OpenVMS Secure Web Server 7.3
HP OpenVMS Secure Web Server 7.2 -2
HP OpenVMS Secure Web Server 1.2
HP OpenVMS Secure Web Server 1.1 -1
HP OpenVMS Secure Web Server 2.2
HP OpenVMS Secure Web Server 2.1-1
HP HP-UX Web Server Suite 3.22
HP HP-UX Web Server Suite 3.21
HP HP-UX Web Server Suite 3.18
HP HP-UX Web Server Suite 3.17
HP HP-UX B.11.31
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CTERA Networks CTERA Portal 3.1
Blue Coat Systems Intelligence Center 3.2.1
Blue Coat Systems Intelligence Center 3.1.2
Blue Coat Systems Intelligence Center 3.1.1
Blue Coat Systems Intelligence Center 2.1.2
Blue Coat Systems Intelligence Center 2.1.1
Blue Coat Systems Intelligence Center 2.1
Blue Coat Systems Intelligence Center 2.0.1
Blue Coat Systems Intelligence Center 2.0
Blue Coat Systems Intelligence Center 3.2
Blue Coat Systems Intelligence Center 3.1
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.27
Apache Tomcat 6.0.26
Apache Tomcat 6.0.25
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.18
Apache Tomcat 6.0.17
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0
Apache Tomcat 5.5.32
Apache Tomcat 5.5.30
Apache Tomcat 5.5.29
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.26
Apache Tomcat 5.5.25
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.3
Apache Tomcat 5.5.2
Apache Tomcat 5.5.1
Apache Tomcat 5.5
Apache Tomcat 7.0.5
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 6.0.32
Apache Tomcat 6.0.31
Apache Tomcat 6.0.30
Apache Tomcat 6.0.29
Apache Tomcat 6.0.19
Apache Tomcat 5.5.33
Apache Tomcat 5.5.33
Apache Tomcat 5.5.31
Not Vulnerable: Redhat JBoss Communications Platform 5.1.3
IBM Storwize V7000 Unified 1.4 0
IBM Storwize V7000 Unified 1.3.2 3
HP XP P9000 Performance Advisor 5.5.1
CTERA Networks CTERA Portal 3.2.28
CTERA Networks CTERA Portal 3.1.39
Blue Coat Systems Intelligence Center 3.2.2.1
Apache Tomcat 7.0.12
Apache Tomcat 5.5.34
Apache Tomcat 6.0.33


 

Privacy Statement
Copyright 2010, SecurityFocus