Bug 427766 (CVE-2007-5333)

Summary: CVE-2007-5333 Improve cookie parsing for tomcat5
Product: [Other] Security Response
Reporter: Marc Schoenefeld <mschoene>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: low
Priority: low
Version: unspecified
CC: djorm, dknox, kreilly, mmcallis, osoukup, vdanen
Target Milestone: ---
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Story Points: ---
Last Closed: 2012-07-09 07:02:43 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---
Bug Depends On: 427779, 427780, 428255, 428256, 428257, 428258, 428259, 428261, 428262, 428263, 428264, 428265, 428268, 428269, 528913, 528914, 534162, 582770
Bug Blocks:

Description Marc Schoenefeld 2008-01-07 13:55:44 UTC
Port the improved cookie parsing of tomcat6.0.x to tomcat5, 
see corresponding patch from tomcat-dev here: 

http://marc.info/?l=tomcat-dev&m=119965464418142&w=2

Comment 7 Marc Schoenefeld 2008-02-11 09:08:01 UTC
New info from http://tomcat.apache.org/security-6.html

low: Session hi-jacking   CVE-2007-5333

The previous fix for CVE-2007-3385 was incomplete. It did not consider the use
of quotes or %5C within a cookie value.

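The advisory text quoted in Comment 7 says the earlier fix did not consider quotes or %5C inside a cookie value. The example below is added here to show the bug class in runnable form; it is not code from this bug report, from the linked tomcat-dev patch, or from Tomcat itself. `naive_parse` is a constructed model of the vulnerable behaviour (percent-decode the whole header, then let a quoted value run across `;` with backslash escapes), and `hardened_parse` is the author's own defensive version (tokenise on `;` before anything else, never decode at this layer, and drop anything outside the RFC 6265 cookie-octet grammar), not the upstream fix. The session id, cookie names (`pref`, `tail`, `theme`, `lang`) and cookie order are constructed for the illustration.

```python
import re
from urllib.parse import unquote

# Constructed session id and Cookie headers (not taken from the bug report).
# The two attack headers are what a browser would send if an attacker could
# plant one cookie before and one after the victim's JSESSIONID on the same
# domain; the cookie order is assumed for this illustration.
SESSION_ID = "A1B2C3D4E5F6A7B8"
BENIGN_HEADER = f'theme=dark; JSESSIONID={SESSION_ID}; lang="en-US"'
QUOTE_ATTACK = f'pref="; JSESSIONID={SESSION_ID}; tail="'
ENCODED_BACKSLASH_ATTACK = f'pref="%5C"; JSESSIONID={SESSION_ID}; tail="'

# RFC 6265 cookie-octet: printable ASCII minus whitespace, DQUOTE, comma,
# semicolon and backslash. '%' is allowed, so "%5C" stays a literal string.
COOKIE_OCTET = re.compile(r"^[\x21\x23-\x2b\x2d-\x3a\x3c-\x5b\x5d-\x7e]*$")
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def naive_parse(header: str) -> dict:
    """Constructed vulnerable parser modelling the bug class: percent-decode
    the whole header first, then treat a value that starts with '"' as a
    quoted string that may run across ';' and honours backslash escapes."""
    s = unquote(header)          # "%5C" becomes "\" before tokenising
    cookies = {}
    i, n = 0, len(s)
    while i < n:
        while i < n and s[i] in " ;":
            i += 1
        if i >= n:
            break
        eq = s.find("=", i)
        if eq == -1:
            break
        name = s[i:eq].strip()
        i = eq + 1
        if i < n and s[i] == '"':
            i += 1
            buf = []
            while i < n and s[i] != '"':
                if s[i] == "\\" and i + 1 < n:   # \x is taken as escaped x
                    i += 1
                buf.append(s[i])
                i += 1
            i += 1                               # skip the closing quote
            value = "".join(buf)
        else:
            end = s.find(";", i)
            if end == -1:
                end = n
            value = s[i:end].strip()
            i = end
        cookies[name] = value
    return cookies


def hardened_parse(header: str):
    """Author's defensive version (not Tomcat's fix): split on ';' before
    anything else so no value can swallow a following cookie, strip one pair
    of surrounding quotes, never percent-decode here, and drop any cookie
    whose name or value falls outside the RFC 6265 grammar. Returns
    (accepted cookies, rejected raw tokens)."""
    cookies, rejected = {}, []
    for raw in header.split(";"):
        token = raw.strip()
        if not token:
            continue
        name, sep, value = token.partition("=")
        name, value = name.strip(), value.strip()
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        if not sep or not TOKEN.match(name) or not COOKIE_OCTET.match(value):
            rejected.append(token)
            continue
        cookies[name] = value
    return cookies, rejected


def leaked_session_cookies(cookies: dict, session_name: str = "JSESSIONID") -> list:
    """Names of cookies whose value carries a 'JSESSIONID=' pair. If the
    application reflects such a cookie into a page, the session id leaks,
    which is the hijacking path the advisory describes."""
    return [n for n, v in cookies.items()
            if n != session_name and f"{session_name}=" in v]


if __name__ == "__main__":
    for label, hdr in (("benign", BENIGN_HEADER),
                       ("quote", QUOTE_ATTACK),
                       ("%5C", ENCODED_BACKSLASH_ATTACK)):
        naive = naive_parse(hdr)
        safe, dropped = hardened_parse(hdr)
        print(f"{label:>6}: naive={naive}")
        print(f"        session leaks via {leaked_session_cookies(naive)}")
        print(f"        hardened={safe} dropped={dropped}")
```

Run as a script it prints all three cases. On the benign header both parsers agree. On the quote attack the naive parser never sees a `JSESSIONID` cookie at all; the whole `; JSESSIONID=...; tail=` run becomes the value of `pref`. On the `%5C` attack a fix that only guarded against a literal backslash-quote is bypassed because the decode step manufactures one. The hardened parser keeps `JSESSIONID` intact in both cases and rejects the bare-quote tokens rather than echoing them; whether to reject or to merely log such cookies is a deployment choice, but they should never be reflected.
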
Comment 8 Fedora Update System 2008-02-13 04:54:21 UTC
tomcat5-5.5.26-1jpp.2.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2008-02-13 05:13:47 UTC
tomcat5-5.5.26-1jpp.2.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Marc Schoenefeld 2008-02-20 10:05:59 UTC
A patch for the patch: 

http://svn.apache.org/viewvc?view=rev&revision=627743

Comment 11 Marc Schoenefeld 2008-04-25 19:51:23 UTC
There are still regressions caused by the current upstream patch, 
https://issues.apache.org/bugzilla/show_bug.cgi?id=44679 


Comment 13 errata-xmlrpc 2009-07-21 20:56:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2009:1164 https://rhn.redhat.com/errata/RHSA-2009-1164.html

Comment 14 Murray McAllister 2009-07-21 22:03:32 UTC
Due to CVE-2007-5333 being low severity, and the upstream fix previously
causing regressions, an update for this issue was deferred until now.

Comment 16 errata-xmlrpc 2009-09-21 15:52:00 UTC
This issue has been addressed in the following products:

  JBEWS 1.0.0 for RHEL 4
  JBEWS 1.0.0 for RHEL 5

Via RHSA-2009:1454 https://rhn.redhat.com/errata/RHSA-2009-1454.html

Comment 19 errata-xmlrpc 2009-11-09 15:26:36 UTC
This issue has been addressed in the following products:

  RHAPS Version 2 for RHEL 4

Via RHSA-2009:1562 https://rhn.redhat.com/errata/RHSA-2009-1562.html

Comment 20 errata-xmlrpc 2009-11-09 15:37:45 UTC
This issue has been addressed in the following products:

  Red Hat Developer Suite V.3

Via RHSA-2009:1563 https://rhn.redhat.com/errata/RHSA-2009-1563.html

Comment 22 errata-xmlrpc 2009-11-30 15:16:27 UTC
This issue has been addressed in the following products:

  Red Hat Network Satellite Server v 5.2
  Red Hat Network Satellite Server v 5.3

Via RHSA-2009:1616 https://rhn.redhat.com/errata/RHSA-2009-1616.html

Comment 23 errata-xmlrpc 2010-08-04 21:31:42 UTC
This issue has been addressed in the following products:

  Red Hat Certificate System 7.3

Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html