FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tomcat -- bypass of security constraints

Affected packages
6.0.0 <= tomcat6 <= 6.0.35
7.0.0 <= tomcat7 <= 7.0.29

Details

VuXML ID f599dfc4-3ec2-11e2-8ae1-001a8056d0b5
Discovery 2012-12-04
Entry 2012-12-04
Modified 2012-12-29

The Apache Software Foundation reports:

When using FORM authentication it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of the URL if some other component (such as the Single-Sign-On valve) had called request.setUserPrincipal() before the call to FormAuthenticator#authenticate().

References

CVE Name CVE-2012-3546
URL http://tomcat.apache.org/security-6.html
URL http://tomcat.apache.org/security-7.html