Re: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability

• Previous message: skinnay@skinnux.com: "Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• In reply to: skinnay@skinnux.com: "Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Next in thread: rulerpen: "RE: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Reply: rulerpen: "RE: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Reply: KF: "Re: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 21 Aug 2002 16:07:02 -0700 (PDT)
From: "Chip McClure" <vhm3@gigguardian.com>
To: <skinnay@skinnux.com>

This doesn't appear to be backwards compatible, (possibly not even cross
platform) though.

Tested on an apache / tomcat 4.0.4 server, running FreeBSD. No alerts, just
an error 400 page...

I don't have access to a tomcat 4.1 system, so can't test there.

Chip

-----
Chip McClure
Sr. Unix Administrator
GigGuardian, Inc.

http://www.gigguardian.com/
-----

> ***** This writing is part of Malloc() Hackers & Malloc() Security
> *****
> http://www.malloc.tk
> http://www.superw00t.com
>
*******************************************************************************>
> Title: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability
> ~~~
> Author: Skinnay of Malloc()
> ~~~~~
>
> Contact: "Skinnay" - (skinnay@skinnux.com)
> ~~~~~~
>
> No modification of the contents of this file should be made
> without direct consent of the author or of Malloc() hackers or
> Malloc() Security.
> ************************************************************************
>
>
>
> Apache Tomcat is a Webserver/servlet engine available for multiple *nix
> platforms and Windows platforms.
>
>
> There exist a cross-site scripting vulnerability in Apache Tomcat
> that may allow people to craft links to vulnerable webservers
> and execute malicious instructions.
>
>
> Exploitation:
>
> Tested on Tomcat 4.1 / Linux
>
> http://example.com:8080/666%0a%0a>alert("asdf");</script>666.jsp
>
>
>
> Found by Skinnay of Malloc().. word.. :P

• Previous message: skinnay@skinnux.com: "Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• In reply to: skinnay@skinnux.com: "Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Next in thread: rulerpen: "RE: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Reply: rulerpen: "RE: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Reply: KF: "Re: Apache Tomcat 4.1 Cross-Site Scripting Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Still looking for a calendar server... ... Still looking for a calendar server... ... getting tomcat to work with apache is becoming a challenge. ... I'm currently trying to get bedework working, ... (freebsd-questions) Q_How_can_configure_apache_=28_with_a_module_fo_tomcat?= ) to redirect some urls to a servlet ? ... Hello, list, I have installed standalone tomcat, and works well. ... make the result, but when with I try to see with apache, apache try to find ... JkMount /servlet/* ajp13 ... # - A jni inprocess worker. ... (RedHat) Update: tomcat startup ... we run Apache on this system, it is not for the benefit of tomcat. ... The relevant extract of the init script now looks like this: ... I get the expected tomcat startup lines in /tmp/tomcat_start.log. ... (Tru64-UNIX-Managers) Re: preferred web environment ... > considered EOL, as is Tomcat 4.x. ... There are good reasons to stick with apache 1.3.x. ... if you need an apache module that Tomcat doesn't support, ... JBoss has it's own HTTP server written in Java, ... (RedHat) [Summary] partitian filling up, cocoon.dat over 500MB ... tomcat periodically. ... tomcat and Apache have to be shutdown before and started up ... - University of Massachusetts, Amherst ... partitian filling up, cocoon.dat over 500MB ... (SunManagers)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint