Vulnerability Data

by Reconmap

CVE-2013-2067

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.

Published at
2013-06-01T14:21Z
3843 days ago
Modified
2019-04-15T16:29Z
1699 days ago
CWE-287
Problem type

References


URLType
svn.apache.org
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1417891&r2=1417890&pathrev=1417891		CONFIRM
svn.apache.org
http://svn.apache.org/viewvc?view=revision&revision=1417891		CONFIRM
svn.apache.org
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1408044&r2=1408043&pathrev=1408044		CONFIRM
tomcat.apache.org
http://tomcat.apache.org/security-6.html		CONFIRM
tomcat.apache.org
http://tomcat.apache.org/security-7.html		CONFIRM
svn.apache.org
http://svn.apache.org/viewvc?view=revision&revision=1408044		CONFIRM
USN-1841-1
http://www.ubuntu.com/usn/USN-1841-1		UBUNTU
RHSA-2013:0964
http://rhn.redhat.com/errata/RHSA-2013-0964.html		REDHAT
RHSA-2013:0839
http://rhn.redhat.com/errata/RHSA-2013-0839.html		REDHAT
RHSA-2013:1437
http://rhn.redhat.com/errata/RHSA-2013-1437.html		REDHAT
RHSA-2013:0834
http://rhn.redhat.com/errata/RHSA-2013-0834.html		REDHAT
RHSA-2013:0833
http://rhn.redhat.com/errata/RHSA-2013-0833.html		REDHAT
20130510 [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
http://archives.neohapsis.com/archives/bugtraq/2013-05/0041.html		BUGTRAQ
64758
http://www.securityfocus.com/bid/64758		BID
www.oracle.com
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html		CONFIRM
www.oracle.com
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html		CONFIRM
59799
http://www.securityfocus.com/bid/59799		BID
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E		MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E		MLIST
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E		MLIST
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E		MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E		MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E		MLIST

GET https://vulnerabilitydata.com/api/details/CVE-2013-2067

{
	"id": "CVE-2013-2067",
	"published_date": "2013-06-01T14:21Z",
	"last_modified_date": "2019-04-15T16:29Z",
	"assigner": "secalert@redhat.com",
	"description": "java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.",
	"references": [
		{
			"url": "http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1417891&r2=1417890&pathrev=1417891",
			"name": "http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1417891&r2=1417890&pathrev=1417891",
			"refsource": "CONFIRM",
			"tags": [
				"Patch"
			]
		},
		{
			"url": "http://svn.apache.org/viewvc?view=revision&revision=1417891",
			"name": "http://svn.apache.org/viewvc?view=revision&revision=1417891",
			"refsource": "CONFIRM",
			"tags": [
				"Patch"
			]
		},
		{
			"url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1408044&r2=1408043&pathrev=1408044",
			"name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?r1=1408044&r2=1408043&pathrev=1408044",
			"refsource": "CONFIRM",
			"tags": [
				"Patch"
			]
		},
		{
			"url": "http://tomcat.apache.org/security-6.html",
			"name": "http://tomcat.apache.org/security-6.html",
			"refsource": "CONFIRM",
			"tags": [
				"Vendor Advisory"
			]
		},
		{
			"url": "http://tomcat.apache.org/security-7.html",
			"name": "http://tomcat.apache.org/security-7.html",
			"refsource": "CONFIRM",
			"tags": [
				"Vendor Advisory"
			]
		},
		{
			"url": "http://svn.apache.org/viewvc?view=revision&revision=1408044",
			"name": "http://svn.apache.org/viewvc?view=revision&revision=1408044",
			"refsource": "CONFIRM",
			"tags": [
				"Patch"
			]
		},
		{
			"url": "http://www.ubuntu.com/usn/USN-1841-1",
			"name": "USN-1841-1",
			"refsource": "UBUNTU",
			"tags": []
		},
		{
			"url": "http://rhn.redhat.com/errata/RHSA-2013-0964.html",
			"name": "RHSA-2013:0964",
			"refsource": "REDHAT",
			"tags": []
		},
		{
			"url": "http://rhn.redhat.com/errata/RHSA-2013-0839.html",
			"name": "RHSA-2013:0839",
			"refsource": "REDHAT",
			"tags": []
		},
		{
			"url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html",
			"name": "RHSA-2013:1437",
			"refsource": "REDHAT",
			"tags": []
		},
		{
			"url": "http://rhn.redhat.com/errata/RHSA-2013-0834.html",
			"name": "RHSA-2013:0834",
			"refsource": "REDHAT",
			"tags": []
		},
		{
			"url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html",
			"name": "RHSA-2013:0833",
			"refsource": "REDHAT",
			"tags": []
		},
		{
			"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0041.html",
			"name": "20130510 [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator",
			"refsource": "BUGTRAQ",
			"tags": []
		},
		{
			"url": "http://www.securityfocus.com/bid/64758",
			"name": "64758",
			"refsource": "BID",
			"tags": []
		},
		{
			"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
			"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
			"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.securityfocus.com/bid/59799",
			"name": "59799",
			"refsource": "BID",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
			"refsource": "MLIST",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
			"refsource": "MLIST",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
			"refsource": "MLIST",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
			"refsource": "MLIST",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
			"refsource": "MLIST",
			"tags": []
		},
		{
			"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
			"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
			"refsource": "MLIST",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
				"accessVector": "NETWORK",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "PARTIAL",
				"availabilityImpact": "PARTIAL",
				"baseScore": 6.8
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 8.6,
			"impactScore": 6.4,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": true
		}
	},
	"problem_type": "CWE-287"
}