Apache Tomcat Allows Remote Attackers to Spoof AJP Requests

GHSA-c38m-v4m2-524v · CVE-2011-3190

Published May 14, 2022 · Modified Feb 21, 2024

Description

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2011-3190
WEB https://github.com/apache/tomcat/commit/a2538ce78f83b7376c48d12d8247600079d789b1
WEB https://github.com/apache/tomcat55/commit/be3eb28f82250a5c81a1c42216570ebf892aefac
WEB https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
PACKAGE https://github.com/apache/tomcat
WEB https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
WEB https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
WEB https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
WEB https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
WEB https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
WEB https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933
WEB https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465
WEB https://web.archive.org/web/20130121232525/http://www.securityfocus.com/archive/1/519466/100/0/threaded
WEB https://web.archive.org/web/20130314002148/http://www.securityfocus.com/bid/49353
WEB https://web.archive.org/web/20131214094052/http://www.securitytracker.com/id?1025993
WEB http://marc.info/?l=bugtraq&m=132215163318824&w=2
WEB http://marc.info/?l=bugtraq&m=133469267822771&w=2
WEB http://marc.info/?l=bugtraq&m=136485229118404&w=2
WEB http://marc.info/?l=bugtraq&m=139344343412337&w=2
WEB http://securityreason.com/securityalert/8362
WEB http://www.debian.org/security/2012/dsa-2401
WEB http://www.mandriva.com/security/advisories?name=MDVSA-2011:156

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes