Vigil@nce - Apache Tomcat: Cross Site Scripting of Manager via display-name
February 2011 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker who is allowed to upload a malicious application to
Apache Tomcat can create a Cross Site Scripting in the Manager.
Severity: 2/4
Creation date: 07/02/2011
IMPACTED PRODUCTS
– Apache Tomcat
– Debian Linux
DESCRIPTION OF THE VULNERABILITY
The Manager application is used to administer an Apache Tomcat
server.
The web.xml configuration file of an application contains the
"display-name" element, which sets the name displayed for that
application in the Manager.
However, the Manager does not filter this value before displaying
it.
An attacker who is allowed to upload a malicious application to
Apache Tomcat can therefore create a Cross Site Scripting in the
Manager.
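
An added example, not part of the Vigil@nce bulletin or of Tomcat's own code: a Python audit that extracts the top-level display-name from an application's web.xml, reports whether it contains HTML metacharacters, and shows the HTML-encoded form a listing page should emit. The function names, the character set and both sample documents are assumptions constructed for illustration.

```python
import html
import xml.etree.ElementTree as ET

# Characters that change meaning when written unescaped into an HTML page.
HTML_META = set("<>&\"'")

def display_name(web_xml: str):
    """Return the top-level <display-name> of a web.xml document, or None."""
    # Assumption: stdlib parser is acceptable here; for archives from
    # untrusted sources, use a hardened XML parser instead.
    root = ET.fromstring(web_xml)
    for child in root:  # direct children only, so servlet-level names are ignored
        # Drop a namespace prefix such as {http://java.sun.com/xml/ns/javaee}
        if child.tag.rsplit("}", 1)[-1] == "display-name":
            return (child.text or "").strip()
    return None

def audit(web_xml: str):
    """Report whether the display-name needs encoding, and its encoded form."""
    name = display_name(web_xml)
    if name is None:
        return {"name": None, "needs_escaping": False, "escaped": ""}
    return {
        "name": name,
        "needs_escaping": any(c in HTML_META for c in name),
        "escaped": html.escape(name, quote=True),
    }

# Constructed sample: ordinary descriptor with a namespace.
BENIGN = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <display-name>Inventory Service</display-name>
</web-app>"""

# Constructed sample: display-name carrying markup (harmless bold tag),
# plus a nested servlet display-name that must not be picked up.
MARKUP = """<web-app>
  <display-name>&lt;b&gt;Shop&lt;/b&gt;</display-name>
  <servlet><display-name>inner</display-name></servlet>
</web-app>"""

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("markup", MARKUP)):
        print(label, audit(doc))
```

Run against the WEB-INF/web.xml of each application before deployment, a value flagged with needs_escaping is one that an unfiltered listing page would interpret as markup.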