Oval Definition:oval:org.opensuse.security:def:20132067
Revision Date:2022-09-02Version:1
Title:CVE-2013-2067
Description:

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-2067
Mitre CVE-2013-2067
SUSE CVE-2013-2067
openSUSE-SU-2013:1307-1
openSUSE-SU-2013:1411-1
Platform(s):openSUSE 12.2 Update
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • tomcat-7.0.27-2.26.1 is installed
  • OR tomcat-admin-webapps-7.0.27-2.26.1 is installed
  • OR tomcat-docs-webapp-7.0.27-2.26.1 is installed
  • OR tomcat-el-2_2-api-7.0.27-2.26.1 is installed
  • OR tomcat-javadoc-7.0.27-2.26.1 is installed
  • OR tomcat-jsp-2_2-api-7.0.27-2.26.1 is installed
  • OR tomcat-jsvc-7.0.27-2.26.1 is installed
  • OR tomcat-lib-7.0.27-2.26.1 is installed
  • OR tomcat-servlet-3_0-api-7.0.27-2.26.1 is installed
  • OR tomcat-webapps-7.0.27-2.26.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND mariadb is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-3_1-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-3_1-api is affected
  • OR tomcat-webapps is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • BACK