PublicDateAtUSN: 2016-02-24
Candidate: CVE-2015-5351
PublicDate: 2016-02-25 01:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
 http://seclists.org/bugtraq/2016/Feb/148
 https://ubuntu.com/security/notices/USN-3024-1
Description:
 The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Ubuntu-Description:
 It was discovered that the Tomcat Manager and Host Manager applications incorrectly handled new requests. A remote attacker could possibly use this issue to bypass CSRF protection mechanisms.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802312
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_tomcat7:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720661
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720663
upstream_tomcat7: released (7.0.68-1)
precise_tomcat7: ignored (reached end-of-life)
precise/esm_tomcat7: DNE (precise was needed)
trusty_tomcat7: released (7.0.52-1ubuntu0.6)
trusty/esm_tomcat7: released (7.0.52-1ubuntu0.6)
vivid/stable-phone-overlay_tomcat7: DNE
vivid/ubuntu-core_tomcat7: DNE
wily_tomcat7: released (7.0.64-1ubuntu0.3)
xenial_tomcat7: not-affected (7.0.68-1)
yakkety_tomcat7: not-affected (7.0.68-1)
zesty_tomcat7: not-affected (7.0.68-1)
artful_tomcat7: not-affected (7.0.68-1)
bionic_tomcat7: not-affected (7.0.68-1)
devel_tomcat7: not-affected (7.0.68-1)

Patches_tomcat6:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720661
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720655
upstream_tomcat6: released (6.0.45)
precise_tomcat6: not-affected (code not present)
precise/esm_tomcat6: not-affected (code not present)
trusty_tomcat6: released (6.0.39-1ubuntu0.1)
trusty/esm_tomcat6: released (6.0.39-1ubuntu0.1)
vivid/stable-phone-overlay_tomcat6: DNE
vivid/ubuntu-core_tomcat6: DNE
wily_tomcat6: ignored (reached end-of-life)
xenial_tomcat6: not-affected (6.0.45+dfsg-1)
yakkety_tomcat6: DNE
zesty_tomcat6: DNE
artful_tomcat6: DNE
bionic_tomcat6: DNE
devel_tomcat6: DNE

Patches_tomcat8:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720658
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1720660
upstream_tomcat8: released (8.0.32-1)
precise_tomcat8: DNE
precise/esm_tomcat8: DNE
trusty_tomcat8: DNE
trusty/esm_tomcat8: DNE
vivid/stable-phone-overlay_tomcat8: DNE
vivid/ubuntu-core_tomcat8: DNE
wily_tomcat8: ignored (reached end-of-life)
xenial_tomcat8: not-affected (8.0.32-1ubuntu1)
esm-infra/xenial_tomcat8: not-affected (8.0.32-1ubuntu1)
yakkety_tomcat8: not-affected (8.0.32-1ubuntu1)
zesty_tomcat8: not-affected (8.0.32-1ubuntu1)
artful_tomcat8: not-affected (8.0.32-1ubuntu1)
bionic_tomcat8: not-affected (8.0.32-1ubuntu1)
devel_tomcat8: not-affected (8.0.32-1ubuntu1)