PROBLEM:
Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks.
PLATFORM:
Tomcat 7.0.0 to 7.0.11
Tomcat 6.0.0 to 6.0.32
Tomcat 5.5.0 to 5.5.33
Earlier, unsupported versions may also be affected
ABSTRACT:
A remote user can conduct authentication bypass attacks.
REFERENCE LINKS:
Apache Tomcat Security Advisory
SecurityTracker Alert ID: 1026095
CVE-2011-1184
IMPACT ASSESSMENT:
Medium
Discussion:
The implementation of HTTP DIGEST authentication was discovered to have several weaknesses:
- replay attacks were permitted
- server nonces were not checked
- client nonce counts were not checked
- qop values were not checked
- realm values were not checked
- the server secret was hard-coded to a known string
The result of these weaknesses is that DIGEST authentication was only as secure as BASIC authentication.
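The checks the advisory says were missing (server-issued nonce, nonce expiry, monotonic client nonce count, qop and realm as offered, a secret that is not a fixed string), as an added illustrative Python validator; this is not Tomcat's code, and the realm, credential store, nonce format and the parsed-header dict `p` (assumed to carry the standard Digest fields) are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed values: a real server draws the secret at startup, never from a fixed string.
SERVER_SECRET = os.urandom(32)
REALM = "example-realm"
NONCE_TTL = 300                      # seconds a server nonce stays valid
USERS = {"alice": "correct horse"}   # constructed credential store
def md5hex(s): return hashlib.md5(s.encode()).hexdigest()
def make_nonce(now):
    """Nonce = timestamp:HMAC(secret, timestamp), so the server can later prove it issued it."""
    ts = str(int(now))
    mac = hmac.new(SERVER_SECRET, ts.encode(), hashlib.sha256).hexdigest()
    return f"{ts}:{mac}"
def expected_response(password, p, method):
    """RFC 2617 response for qop=auth: what an honest client must have computed."""
    ha1 = md5hex(f"{p['username']}:{p['realm']}:{password}")
    ha2 = md5hex(f"{method}:{p['uri']}")
    return md5hex(f"{ha1}:{p['nonce']}:{p['nc']}:{p['cnonce']}:{p['qop']}:{ha2}")

class DigestValidator:
    def __init__(self):
        self.last_nc = {}   # nonce -> highest nc accepted; used to reject replays

    def validate(self, p, now, method="GET"):
        if p.get("realm") != REALM:              # realm must be the one we challenged with
            return False, "realm mismatch"
        if p.get("qop") != "auth":               # only the qop the challenge offered
            return False, "unsupported qop"
        nonce = p.get("nonce", "")
        ts, _, mac = nonce.partition(":")
        want = hmac.new(SERVER_SECRET, ts.encode(), hashlib.sha256).hexdigest()
        if not (ts.isdigit() and hmac.compare_digest(mac.encode(), want.encode())):
            return False, "nonce not issued by this server"
        if now - int(ts) > NONCE_TTL:
            return False, "nonce expired"
        try:
            nc = int(p.get("nc", ""), 16)
        except ValueError:
            return False, "malformed nc"
        if nc <= self.last_nc.get(nonce, 0):    # same or lower nc on this nonce = replay
            return False, "replayed nonce count"
        password = USERS.get(p.get("username", ""))
        if password is None or not hmac.compare_digest(
                p.get("response", "").encode(), expected_response(password, p, method).encode()):
            return False, "bad credentials"
        self.last_nc[nonce] = nc                 # advance only after every check passed
        return True, "ok"
```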
Impact:
A remote user can conduct authentication bypass attacks.
Solution:
The vendor has issued a fix.
Apache Tomcat Revision 1158180