PublicDateAtUSN: 2012-11-17
Candidate: CVE-2012-5885
PublicDate: 2012-11-17 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5885
 http://tomcat.apache.org/security-7.html
 http://tomcat.apache.org/security-6.html
 http://tomcat.apache.org/security-5.html
 https://ubuntu.com/security/notices/USN-1637-1
Description:
 The replay-countermeasure functionality in the HTTP Digest Access
 Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x
 before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce)
 values instead of nonce (aka server nonce) and nc (aka nonce-count) values,
 which makes it easier for remote attackers to bypass intended access
 restrictions by sniffing the network for valid requests, a different
 vulnerability than CVE-2011-1184.
Ubuntu-Description:
Notes:
 mdeslaur> This was originally called CVE-2012-3439
Bugs:
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_tomcat7:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1377807
upstream_tomcat7: released (7.0.30)
hardy_tomcat7: DNE
lucid_tomcat7: DNE
oneiric_tomcat7: released (7.0.21-1ubuntu0.1)
precise_tomcat7: released (7.0.26-1ubuntu1.2)
quantal_tomcat7: not-affected (7.0.30-0ubuntu1)
raring_tomcat7: not-affected
devel_tomcat7: not-affected

Patches_tomcat6:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1380829
upstream_tomcat6: released (6.0.35-5+nmu1)
hardy_tomcat6: DNE
lucid_tomcat6: released (6.0.24-2ubuntu1.11)
oneiric_tomcat6: released (6.0.32-5ubuntu1.3)
precise_tomcat6: released (6.0.35-1ubuntu3.1)
quantal_tomcat6: released (6.0.35-5ubuntu0.1)
raring_tomcat6: not-affected (6.0.35-6)
devel_tomcat6: not-affected (6.0.35-6)

Patches_tomcat5.5:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1392248
upstream_tomcat5.5: needed
hardy_tomcat5.5: ignored (reached end-of-life)
lucid_tomcat5.5: DNE
oneiric_tomcat5.5: DNE
precise_tomcat5.5: DNE
quantal_tomcat5.5: DNE
raring_tomcat5.5: DNE
devel_tomcat5.5: DNE