Vulnerability CVE-2008-0002 - CERT Civis.Net

Vulnerability Name:

CVE-2008-0002 (CCN-40411)

Assigned:

2007-12-03

Published:

2008-02-08

Updated:

2018-10-15

Summary:

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: CCN
Type: BugTraq Mailing List, Fri Feb 08 2008 - 16:24:25 CST
CVE-2008-0002: Tomcat information disclosure vulnerability

Source: MITRE
Type: CNA
CVE-2008-0002

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-10-09

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:004

Source: HP
Type: UNKNOWN
HPSBST02955

Source: CCN
Type: RHSA-2008-0151
Moderate: JBoss Enterprise Application Platform 4.2.0CP02 security update

Source: CCN
Type: RHSA-2008-0158
Moderate: JBoss Enterprise Application Platform security update

Source: CCN
Type: RHSA-2008-0213
Moderate: JBoss Enterprise Application Platform 4.2.0CP02 security update

Source: CCN
Type: SA28834
Apache Tomcat Exception Handling Information Disclosure

Source: SECUNIA
Type: UNKNOWN
28834

Source: SECUNIA
Type: UNKNOWN
28915

Source: SECUNIA
Type: UNKNOWN
29711

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32222

Source: CCN
Type: SA37460
VMware Products Update for Multiple Packages

Source: SECUNIA
Type: UNKNOWN
37460

Source: SECUNIA
Type: UNKNOWN
57126

Source: GENTOO
Type: UNKNOWN
GLSA-200804-10

Source: SREASON
Type: UNKNOWN
3638

Source: CCN
Type: Apple Web site
About Security Update 2008-007

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3216

Source: CCN
Type: Apache Tomcat Web site
important: Information disclosure CVE-2008-0002

Source: CONFIRM
Type: UNKNOWN
http://tomcat.apache.org/security-6.html

Source: CCN
Type: GLSA-200804-10
Tomcat: Multiple vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20080208 CVE-2008-0002: Tomcat information disclosure vulnerability

Source: BUGTRAQ
Type: UNKNOWN
20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

Source: BID
Type: UNKNOWN
27703

Source: CCN
Type: BID-27703
Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability

Source: BID
Type: UNKNOWN
31681

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2009-0016.html

Source: VUPEN
Type: UNKNOWN
ADV-2008-0488

Source: VUPEN
Type: UNKNOWN
ADV-2008-2780

Source: VUPEN
Type: UNKNOWN
ADV-2009-3316

Source: XF
Type: UNKNOWN
apache-tomcat-exception-info-disclosure(40411)

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1467

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1603

Source: SUSE
Type: SUSE-SR:2009:004
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/a:redhat:rhel_application_stack:2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*

Denotes that component is vulnerable