Bug 178176 - CVE-2006-0254 tomcat examples XSS (RHAPS)
CVE-2006-0254 tomcat examples XSS (RHAPS)
Status: CLOSED ERRATA
Product: Red Hat Application Server
Classification: Retired
Component: tomcat (Show other bugs)
1.2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fernando Nasser
reported=20060117,source=cve,public=2...
: Security
Depends On:
Blocks: CVE-2006-0254
  Show dependency treegraph
 
Reported: 2006-01-18 05:47 EST by Mark J. Cox (Product Security)
Modified: 2008-01-29 04:58 EST (History)
4 users (show)

See Also:
Fixed In Version: RHSA-2006-0592
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-07-14 06:30:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2006-01-18 05:47:09 EST
+++ This bug was initially created as a clone of Bug #178175 +++

A new cross-site scripting flaw has been reported in the tomcat jsp examples as
shipped in tomcat5-webapps in Red Hat Application Server.  See

http://issues.apache.org/jira/browse/GERONIMO-1474

This is fixed in upstream svn.

Marking this as moderate severity as users should not be putting examples into
production environments.  I've held off marking it low as the examples ought to
show good practices and our users may copy the bad behaviour.

Note also these issues
http://issues.apache.org/bugzilla/show_bug.cgi?id=32953

Note: We've not looked which of these issues actually affect the tomcat5-webapps
package.
Comment 1 Josh Bressers 2006-05-11 11:14:35 EDT
Ping.

Any plans to update this package in the near future?
Comment 6 Rafael H. Schloming 2006-06-30 10:54:55 EDT
The package has been updated with a patch that modifies the examples to properly
filter and encode any variables before outputting them as HTML.
Comment 9 Red Hat Bugzilla 2006-07-14 06:30:00 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0592.html

Note You need to log in before you can comment on or make changes to this bug.