Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A session fixation flaw was found in the Tomcat FormAuthenticator module.
During a narrow window of time, if a remote attacker sent requests while a
user was logging in, it could possibly result in the attackerโs requests
being processed as if they were sent by the user. (CVE-2013-2067)
Users of Tomcat are advised to upgrade to these updated packages, which
correct this issue. Tomcat must be restarted for this update to take
effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | noarch | tomcat6-jsp-2.1-api | <ย 6.0.24-57.el6_4 | tomcat6-jsp-2.1-api-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-servlet-2.5-api | <ย 6.0.24-57.el6_4 | tomcat6-servlet-2.5-api-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-webapps | <ย 6.0.24-57.el6_4 | tomcat6-webapps-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-javadoc | <ย 6.0.24-57.el6_4 | tomcat6-javadoc-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | src | tomcat6 | <ย 6.0.24-57.el6_4 | tomcat6-6.0.24-57.el6_4.src.rpm |
RedHat | 6 | noarch | tomcat6 | <ย 6.0.24-57.el6_4 | tomcat6-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-docs-webapp | <ย 6.0.24-57.el6_4 | tomcat6-docs-webapp-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-admin-webapps | <ย 6.0.24-57.el6_4 | tomcat6-admin-webapps-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-el-2.1-api | <ย 6.0.24-57.el6_4 | tomcat6-el-2.1-api-6.0.24-57.el6_4.noarch.rpm |
RedHat | 6 | noarch | tomcat6-lib | <ย 6.0.24-57.el6_4 | tomcat6-lib-6.0.24-57.el6_4.noarch.rpm |