
SmartAttack™ Library Update Readme
The following SmartAttacks and/or SmartAttack™ technologies have been
added or updated in this release:
- CIA Web Server Configuration
- Apache Tomcat Multiple Vulnerabilities; CVE Reference: CVE-2007-5333, CVE-2007-6286, SA26466. Some vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to manipulate certain data or to disclose sensitive information.
  - An error exists within the native (APR based) connector when handling SSL requests. This can be exploited to trigger the duplicate processing of a recent request by connecting to the SSL port and disconnecting without sending data. The vulnerability is reported in versions 5.5.11 to 5.5.25, and 6.0.0 to 6.0.15.
  - Input containing a quote or a %5C character in cookie values is incorrectly handled in an unspecified way, which can be exploited to disclose sensitive information including session IDs. The vulnerability is reported in versions 5.5.0 to 5.5.25, and 6.0.0 to 6.0.14.
  Detailed information is available at: http://secunia.com/advisories/28878/
  Solution: Update to version 5.5.26 or 6.0.16.
5.5at Manual Updater
https://www.cenzic.com/download/ManualUpdater/11072008nj9eijeimceo9/Manualupdate_55_release_at.exe
CHSupdate_55_release_at.exe
It contains 5.5 updates up to 5.5at release.
Instructions to run the exe:
- Double-click CHSUpdater_55.exe.
Note: This update applies only to Cenzic Hailstorm 5.5 and higher. If
you have not updated to 5.5 yet, please contact Cenzic Support at
support@cenzic.com or 1-866-4CENZIC.
Cenzic's dedicated CIA experts focus exclusively on performing ongoing
research, not only to analyze known vulnerabilities but also to discover
new or undisclosed vulnerabilities in custom, commercial, and open-source
applications, and to make this information available to customers and to
the community at large in the form of publications and security
alerts. The CIA Web Server Configuration SmartAttack™ was created so that
recently discovered vulnerabilities can be integrated into Hailstorm on a
fast-response basis.