Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate the sendfile request attributes (file name and byte range) that a deployed web application may set, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
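The following is an added illustrative example, not code from this page and not Tomcat's own fix, of the kind of validation the description says was missing before the connector hands a web application's sendfile request to the kernel. It assumes the Tomcat sendfile request attributes `org.apache.tomcat.sendfile.filename`, `org.apache.tomcat.sendfile.start` and `org.apache.tomcat.sendfile.end` as documented for the APR and NIO connectors; the class name `SendfileValidator`, its `Result` enum and the temporary file built in `main` are assumptions of this example.

```java
import java.io.File;
import java.io.FilePermission;
import java.io.IOException;
import java.nio.file.Files;

/**
 * Illustrative validation of the values a web application may place in the
 * org.apache.tomcat.sendfile.filename / .start / .end request attributes.
 * This is an added example, not Tomcat's code: it shows the three checks the
 * CVE description implies were absent. The file must be an existing, readable
 * regular file; the byte range must lie inside it; and when a SecurityManager
 * sandboxes the web application, the application must hold read permission.
 */
public final class SendfileValidator {

    /** Only OK means the connector may pass the file to the native sendfile path. */
    public enum Result { OK, NOT_REGULAR_FILE, BAD_RANGE, ACCESS_DENIED }

    private SendfileValidator() {}

    /**
     * Validate one sendfile request. The SecurityManager check only constrains
     * the web application if it runs while that application's code is on the
     * call stack (i.e. when the attribute is consumed in the request thread),
     * not later on a connector thread that carries only container privileges.
     */
    public static Result validate(String filename, long start, long end) {
        if (filename == null) {
            return Result.NOT_REGULAR_FILE;
        }
        File f = new File(filename);
        // Directories, devices and unreadable or missing paths are rejected outright.
        if (!f.isFile() || !f.canRead()) {
            return Result.NOT_REGULAR_FILE;
        }
        long length = f.length();
        // Require 0 <= start <= end <= length. A range outside the file is the sort
        // of input the description ties to an infinite loop or a JVM crash once it
        // reaches native code.
        if (start < 0 || end < start || end > length) {
            return Result.BAD_RANGE;
        }
        // Under a SecurityManager (deprecated in recent JDKs, still the sandbox model
        // of the affected releases) the application must be allowed to read the file.
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            try {
                sm.checkPermission(new FilePermission(f.getCanonicalPath(), "read"));
            } catch (SecurityException e) {
                return Result.ACCESS_DENIED;
            } catch (IOException e) {
                return Result.NOT_REGULAR_FILE;
            }
        }
        return Result.OK;
    }

    /** Runs the checks against a constructed 1 KiB temporary file. */
    public static void main(String[] args) throws IOException {
        File tmp = File.createTempFile("sendfile", ".bin");
        tmp.deleteOnExit();
        Files.write(tmp.toPath(), new byte[1024]);
        String p = tmp.getAbsolutePath();
        System.out.println(validate(p, 0, 1024));            // OK
        System.out.println(validate(p, 0, 4096));            // BAD_RANGE (end past EOF)
        System.out.println(validate(p, 512, 256));           // BAD_RANGE (end before start)
        System.out.println(validate(p, -1, 10));             // BAD_RANGE (negative start)
        System.out.println(validate(tmp.getParent(), 0, 1)); // NOT_REGULAR_FILE (directory)
    }
}
```

The range check alone closes the denial-of-service side of the description; the permission check is what stops a sandboxed application from naming a file outside what its policy grants, and it is only effective if performed in the application's protection domain rather than the container's.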
References
http://marc.info/?l=bugtraq&m=132215163318824&w=2
http://marc.info/?l=bugtraq&m=133469267822771&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://osvdb.org/73797
http://osvdb.org/73798
http://rhn.redhat.com/errata/RHSA-2012-0074.html
http://rhn.redhat.com/errata/RHSA-2012-0075.html
http://rhn.redhat.com/errata/RHSA-2012-0076.html
http://rhn.redhat.com/errata/RHSA-2012-0077.html
http://rhn.redhat.com/errata/RHSA-2012-0078.html
http://rhn.redhat.com/errata/RHSA-2012-0325.html
http://secunia.com/advisories/45232
http://secunia.com/advisories/48308
http://secunia.com/advisories/57126
http://svn.apache.org/viewvc?view=revision&revision=1145383
http://svn.apache.org/viewvc?view=revision&revision=1145571
http://svn.apache.org/viewvc?view=revision&revision=1145694
http://svn.apache.org/viewvc?view=revision&revision=1146005
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.debian.org/security/2012/dsa-2401
http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
http://www.securityfocus.com/archive/1/518889/100/0/threaded
http://www.securityfocus.com/bid/48667
http://www.securitytracker.com/id?1025788
https://bugzilla.redhat.com/show_bug.cgi?id=720948
https://exchange.xforce.ibmcloud.com/vulnerabilities/68541
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2011-2526
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19514
https://www.cve.org/CVERecord?id=CVE-2011-2526
History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-07-14T23:00:00

Updated: 2024-08-06T23:00:34.252Z

Reserved: 2011-06-15T00:00:00

Link: CVE-2011-2526

Vulnrichment

No data.

NVD

Status: Modified

Published: 2011-07-14T23:55:06.020

Modified: 2024-11-21T01:28:27.920

Link: CVE-2011-2526

Redhat

Severity: Low

Public Date: 2011-07-13T00:00:00Z

Links: CVE-2011-2526 - Bugzilla