NVD Vulnerability Detail

CVE-2007-5342

Summary	The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
Publication Date	Dec. 28, 2007, 7:46 a.m.
Registration Date	Jan. 29, 2021, 2:21 p.m.
Last Update	Feb. 13, 2023, 11:18 a.m.

CVSS2.0 : MEDIUM
Score	6.4
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:5.5.18:::::::*
cpe:2.3:a:apache:tomcat:6.0.6:::::::*
cpe:2.3:a:apache:tomcat:6.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.5.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.5.11:::::::*
cpe:2.3:a:apache:tomcat:6.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.5.20:::::::*
cpe:2.3:a:apache:tomcat:5.5.15:::::::*
cpe:2.3:a:apache:tomcat:6.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.5.21:::::::*
cpe:2.3:a:apache:tomcat:5.5.22:::::::*
cpe:2.3:a:apache:tomcat:6.0.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.3:::::::*
cpe:2.3:a:apache:tomcat:6.0.9:::::::*
cpe:2.3:a:apache:tomcat:6.0:::::::*
cpe:2.3:a:apache:tomcat:5.5.9:::::::*
cpe:2.3:a:apache:tomcat:5.5.25:::::::*
cpe:2.3:a:apache:tomcat:6.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.13:::::::*
cpe:2.3:a:apache:tomcat:6.0.1:::::::*
cpe:2.3:a:apache:tomcat:6.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.24:::::::*
cpe:2.3:a:apache:tomcat:5.5.16:::::::*
cpe:2.3:a:apache:tomcat:6.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.5.17:::::::*
cpe:2.3:a:apache:tomcat:5.5.19:::::::*
cpe:2.3:a:apache:tomcat:6.0.2:::::::*
cpe:2.3:a:apache:tomcat:6.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.5.23:::::::*
cpe:2.3:a:apache:tomcat:6.0.8:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://svn.apache.org/viewvc?view=rev&revision=606594	MISC
2	http://tomcat.apache.org/security-5.html	CONFIRM
3	http://tomcat.apache.org/security-6.html	CONFIRM
4	http://www.securityfocus.com/bid/27006	BID	Patch
5	http://www.debian.org/security/2008/dsa-1447	DEBIAN
6	http://secunia.com/advisories/28274	SECUNIA
7	http://secunia.com/advisories/28317	SECUNIA
8	http://securityreason.com/securityalert/3485	SREASON
9	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html	FEDORA
10	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html	FEDORA
11	http://secunia.com/advisories/28915	SECUNIA
12	http://www.redhat.com/support/errata/RHSA-2008-0042.html	REDHAT
13	http://secunia.com/advisories/29313	SECUNIA
14	http://security.gentoo.org/glsa/glsa-200804-10.xml	GENTOO
15	http://secunia.com/advisories/29711	SECUNIA
16	http://www.redhat.com/support/errata/RHSA-2008-0195.html	REDHAT
17	http://secunia.com/advisories/30676	SECUNIA
18	http://www.vmware.com/security/advisories/VMSA-2008-0010.html	CONFIRM
19	http://www.mandriva.com/security/advisories?name=MDVSA-2008:188	MANDRIVA
20	http://www.redhat.com/support/errata/RHSA-2008-0862.html	REDHAT
21	http://www.securityfocus.com/bid/31681	BID
22	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html	APPLE
23	http://secunia.com/advisories/32222	SECUNIA
24	http://support.apple.com/kb/HT3216	CONFIRM
25	http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm	CONFIRM
26	http://osvdb.org/39833	OSVDB
27	http://secunia.com/advisories/32120	SECUNIA
28	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html	SUSE
29	http://secunia.com/advisories/32266	SECUNIA
30	http://www.redhat.com/support/errata/RHSA-2008-0831.html	REDHAT
31	http://www.redhat.com/support/errata/RHSA-2008-0833.html	REDHAT
32	http://www.redhat.com/support/errata/RHSA-2008-0834.html	REDHAT
33	http://www.redhat.com/support/errata/RHSA-2008-0832.html	REDHAT
34	http://www.vupen.com/english/advisories/2009/3316	VUPEN
35	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	CONFIRM
36	http://secunia.com/advisories/37460	SECUNIA
37	http://www.vupen.com/english/advisories/2008/2823	VUPEN
38	http://www.vupen.com/english/advisories/2008/1856/references	VUPEN
39	http://www.vupen.com/english/advisories/2008/0013	VUPEN
40	http://www.vupen.com/english/advisories/2008/2780	VUPEN
41	http://marc.info/?l=bugtraq&m=139344343412337&w=2	HP
42	http://secunia.com/advisories/57126	SECUNIA
43	https://exchange.xforce.ibmcloud.com/vulnerabilities/39201	XF
44	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417	OVAL
45	http://www.securityfocus.com/archive/1/507985/100/0/threaded	BUGTRAQ
46	http://www.securityfocus.com/archive/1/485481/100/0/threaded	BUGTRAQ
47	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E	MISC
48	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E	MISC
49	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E	MISC
50	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E	MISC

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-264	認可・権限・アクセス制御	https://cwe.mitre.org/data/definitions/264.html

JVN Vulnerability Information

Apache Tomcat の JULI ロギングコンポーネントにおけるウェブアプリケーションのパーミッションに関する脆弱性

Title	Apache Tomcat の JULI ロギングコンポーネントにおけるウェブアプリケーションのパーミッションに関する脆弱性
Summary	Apache Tomcat の JULI ロギングコンポーネントには、catalina.policy において、ウェブアプリケーションのパーミッションを適切に処理しない脆弱性が存在します。
Possible impacts	第三者により、ロギング設定オプションを改ざんされたり、任意のファイルを上書きされたりする可能性があります。
Solution	ベンダより対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Dec. 27, 2007, midnight
Registration Date	Jan. 17, 2008, 12:03 p.m.
Last Update	March 5, 2015, 6:27 p.m.

Affected System

レッドハット

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 5.0 (client)

RHEL Desktop Workstation 5 (client)

ヒューレット・パッカード

HP XP P9000 Performance Advisor ソフトウェア 5.4.1 未満

Apache Software Foundation

Apache Tomcat 5.5.9 から 5.5.25 のバージョン

Apache Tomcat 6.0.0 から 6.0.15 のバージョン

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

アップル

Apple Mac OS X Server v10.5.5

VMware

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware Server 2.x

VMware vCenter 4.0

VMware VirtualCenter 2.0.2

VMware VirtualCenter 2.5

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2007-5342	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
National Vulnerability Database (NVD)
2	CVE-2007-5342	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5342

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
Apache Tomcat
1	Fixed in SVN trunk and proposed for inclusion in 5.5.x	http://tomcat.apache.org/security-5.html
2	Fixed in SVN trunk and proposed for inclusion in 6.0.x	http://tomcat.apache.org/security-6.html
Apache-SVN
3	Revision 606594	http://svn.apache.org/viewvc?view=rev&revision=606594
Apple Security Updates
4	HT3216	http://support.apple.com/kb/HT3216
Apple セキュリティアップデート
5	HT3216	http://support.apple.com/kb/HT3216?viewlocale=ja_JP
Asianux Technical Support Network
6	tomcat5-5.5.23-0jpp.3.0.3.1AX	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=117
HP セキュリティ報告
7	HPSBST02955 SSRT101157	http://h20000.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04047415
Red Hat Security Advisory
8	RHSA-2008:0042	https://rhn.redhat.com/errata/RHSA-2008-0042.html
9	RHSA-2008:0195	https://rhn.redhat.com/errata/RHSA-2008-0195.html
10	RHSA-2008:0831	https://rhn.redhat.com/errata/RHSA-2008-0831.html
11	RHSA-2008:0832	https://rhn.redhat.com/errata/RHSA-2008-0832.html
12	RHSA-2008:0833	https://rhn.redhat.com/errata/RHSA-2008-0833.html
13	RHSA-2008:0834	https://rhn.redhat.com/errata/RHSA-2008-0834.html
14	RHSA-2008:0862	https://rhn.redhat.com/errata/RHSA-2008-0862.html
SECURITY BLOG
15	Multiple vulnerabilities in Oracle Java Web Console	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1
VMware Security Advisories
16	VMSA-2008-0010.3	http://www.vmware.com/security/advisories/VMSA-2008-0010.html
17	VMSA-2009-0016	http://www.vmware.com/security/advisories/VMSA-2009-0016.html

その他

No	Name	URL
FrSIRT Advisories
1	FrSIRT/ADV-2008-0013	http://www.frsirt.com/english/advisories/2008/0013
ISS X-Force Database
2	39201	http://xforce.iss.net/xforce/xfdb/39201
Secunia Advisory
3	SA28274	http://secunia.com/advisories/28274/
SecurityFocus
4	27006	http://www.securityfocus.com/bid/27006
関連文書
5	ASA-2008-401 (RHSA-2008-0862)	https://downloads.avaya.com/elmodocs2/security/ASA-2008-401.htm

Change Log

No	Changed Details	Date of change
0	[2008年01月17日] 掲載 [2008年03月24日] 影響を受けるシステム：レッドハット (RHSA-2008:0100) の情報追加。ベンダ情報：レッドハット (RHSA-2008:0100) を追加。 [2008年04月21日] 影響を受けるシステム：ミラクル・リナックス (tomcat5-5.5.23-0jpp.3.0.3.1AX) の情報追加。ベンダ情報: ミラクル・リナックス (tomcat5-5.5.23-0jpp.3.0.3.1AX) 追加。 [2008年11月04日] 影響を受けるシステム：アップル（HT3216）の情報を追加ベンダ情報：アップル（HT3216）を追加 [2010年01月05日] 影響を受けるシステム：VMware (VMSA-2009-0016) の情報を追加ベンダ情報：VMware (VMSA-2009-0016) を追加 [2012年09月24日] ベンダ情報：オラクル (Multiple vulnerabilities in Oracle Java Web Console) を追加 [2015年03月05日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：ヒューレット・パッカード (HPSBST02955 SSRT101157) を追加ベンダ情報：VMware (VMSA-2008-0010.3) を追加ベンダ情報：レッドハット (RHSA-2008:0862) を追加ベンダ情報：レッドハット (RHSA-2008:0831) を追加ベンダ情報：レッドハット (RHSA-2008:0833) を追加ベンダ情報：レッドハット (RHSA-2008:0834) を追加ベンダ情報：レッドハット (RHSA-2008:0195) を追加ベンダ情報：レッドハット (RHSA-2008:0832) を追加参考情報：関連文書 (ASA-2008-401 (RHSA-2008-0862)) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:5.5.18:::::::*
cpe:2.3:a:apache:tomcat:6.0.6:::::::*
cpe:2.3:a:apache:tomcat:6.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.5.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.5.11:::::::*
cpe:2.3:a:apache:tomcat:6.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.5.20:::::::*
cpe:2.3:a:apache:tomcat:5.5.15:::::::*
cpe:2.3:a:apache:tomcat:6.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.5.21:::::::*
cpe:2.3:a:apache:tomcat:5.5.22:::::::*
cpe:2.3:a:apache:tomcat:6.0.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.3:::::::*
cpe:2.3:a:apache:tomcat:6.0.9:::::::*
cpe:2.3:a:apache:tomcat:6.0:::::::*
cpe:2.3:a:apache:tomcat:5.5.9:::::::*
cpe:2.3:a:apache:tomcat:5.5.25:::::::*
cpe:2.3:a:apache:tomcat:6.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.13:::::::*
cpe:2.3:a:apache:tomcat:6.0.1:::::::*
cpe:2.3:a:apache:tomcat:6.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.24:::::::*
cpe:2.3:a:apache:tomcat:5.5.16:::::::*
cpe:2.3:a:apache:tomcat:6.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.5.17:::::::*
cpe:2.3:a:apache:tomcat:5.5.19:::::::*
cpe:2.3:a:apache:tomcat:6.0.2:::::::*
cpe:2.3:a:apache:tomcat:6.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.5.23:::::::*
cpe:2.3:a:apache:tomcat:6.0.8:::::::*