DO NOT REPLY [Bug 42950] New: - ConcurrentModificationException on Shutdown

2007-07-21 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG-RELATED
COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42950

   Summary: ConcurrentModificationException on Shutdown
   Product: Tomcat 5
   Version: Unknown
  Platform: Other
OS/Version: other
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Error seen shutting down the Windows daemon version of Tomcat 5.5.23:

WARNING: Error while removing context [/rbodkin]
java.util.ConcurrentModificationException
at java.util.HashMap$HashIterator.nextEntry(HashMap.java:841)
at java.util.HashMap$EntryIterator.next(HashMap.java:883)
at java.util.HashMap$EntryIterator.next(HashMap.java:881)
at java.util.HashMap.putAllForCreate(HashMap.java:481)
at java.util.HashMap.clone(HashMap.java:713)
at org.apache.catalina.loader.WebappClassLoader.clearReferences(WebappClassLoader.java:1592)
at org.apache.catalina.loader.WebappClassLoader.stop(WebappClassLoader.java:1496)
at org.apache.catalina.loader.WebappLoader.stop(WebappLoader.java:734)
at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4398)
at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:893)
at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1180)
at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1151)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:313)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1055)
at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1067)
at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448)
at org.apache.catalina.core.StandardService.stop(StandardService.java:510)
at org.apache.catalina.core.StandardServer.stop(StandardServer.java:734)
at org.apache.catalina.startup.Catalina.stop(Catalina.java:602)
at org.apache.catalina.startup.Catalina.start(Catalina.java:577)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



svn commit: r558396 - in /tomcat/site/trunk: docs/security-4.html xdocs/security-4.xml

2007-07-21 Thread markt
Author: markt
Date: Sat Jul 21 16:49:16 2007
New Revision: 558396

URL: http://svn.apache.org/viewvc?view=rev&rev=558396
Log:
Add information for CVE-2007-3383

Modified:
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/xdocs/security-4.xml

Modified: tomcat/site/trunk/docs/security-4.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?view=diff&rev=558396&r1=558395&r2=558396
==
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Sat Jul 21 16:49:16 2007
@@ -317,6 +317,21 @@
 
 Affects: 4.0.1-4.0.6, 4.1.0-4.1.36
 
+
+low: Cross-site scripting
+   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383";>
+   CVE-2007-3383
+
+
+When reporting error messages, the SendMailServlet (part of the examples
+   web application) did not escape user provided data before including it 
in
+   the output. This enabled a XSS attack. This Servlet now filters the data
+   before use. This issue may be mitigated by undeploying the examples web
+   application. Note that it is recommended that the examples web
+   application is not installed on a production system.
+   
+
+Affects: 4.0.0-4.0.6, 4.1.0-4.1.36
   
 
 
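Review bot: The new paragraph first says the servlet "did not escape user provided data before including it in the output" and then that it "now filters the data before use"; those describe two different controls, and since the defect is in output, "now escapes the data before writing it to the response" states the actual fix and avoids reading as input validation. Minor grammar in the same paragraph: "a XSS attack" should be "an XSS attack". Separately, the anchor line `http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383";>` carries a stray `";` after the URL; if that is in the committed HTML rather than an artifact of how this mail was rendered, it will appear as literal text on the published page.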

Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?view=diff&rev=558396&r1=558395&r2=558396
==
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Sat Jul 21 16:49:16 2007
@@ -90,6 +90,19 @@
 
 Affects: 4.0.1-4.0.6, 4.1.0-4.1.36
 
+low: Cross-site scripting
+   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383";>
+   CVE-2007-3383
+
+When reporting error messages, the SendMailServlet (part of the examples
+   web application) did not escape user provided data before including it 
in
+   the output. This enabled a XSS attack. This Servlet now filters the data
+   before use. This issue may be mitigated by undeploying the examples web
+   application. Note that it is recommended that the examples web
+   application is not installed on a production system.
+   
+
+Affects: 4.0.0-4.0.6, 4.1.0-4.1.36
   
 
   
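Review bot: The new entry's "Affects: 4.0.0-4.0.6, 4.1.0-4.1.36" starts at 4.0.0 while the entry directly above it starts at 4.0.1; that matches the "4.0.0 to 4.0.6" range in the CVE-2007-3383 advisory, so it is probably intentional, but worth confirming since a copy of the line above would have given 4.0.1. The entry also says the servlet "now filters the data" without naming a release that contains the fix, so a reader of this page cannot tell which 4.x version to upgrade to; add a fixed-in version if one exists, or say explicitly that the fix is available only in source. If docs/security-4.html is generated from this xdocs file, the wording corrections belong here rather than in the generated HTML, otherwise the next site build will undo them.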






CVE-2007-3383: XSS in Tomcat send mail example

2007-07-21 Thread Mark Thomas
CVE-2007-3383: XSS in Tomcat send mail example

Severity:
Low (Cross-site scripting)

Vendor:
The Apache Software Foundation

Versions Affected:
4.0.0 to 4.0.6
4.1.0 to 4.1.36

Description:
When reporting error messages, the SendMailServlet does not filter
user supplied data before display. This enables an XSS attack.

Mitigation:
Undeploy the examples web application.

Credit:
This issue was discovered by Tomasz Kuczynski, Poznan Supercomputing
and Networking Center, who worked with the CERT/CC to report the
vulnerability.

Example:
On this page
http://localhost:8080/examples/jsp/mail/sendmail.jsp
enter the following text
alert('XSS reflected')
in the From field and click Send.

References:
http://tomcat.apache.org/security.html

Mark Thomas
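
The advisory above describes the defect as user-supplied data being written into an error page without being escaped. The Java program below is an added example, not Tomcat's SendMailServlet and not the fix committed for CVE-2007-3383: it renders a mail-error message in the vulnerable form (plain concatenation) beside the escaped form, using a hand-written escapeHtml helper that is an assumption of this example rather than an API from Tomcat or the Servlet specification, and runs both over a few constructed From values.

```java
import java.util.Arrays;
import java.util.List;

/**
 * Added example (not Tomcat code): reflecting a user-supplied value into an
 * HTML error message with and without output escaping.
 */
public class ReflectedErrorEscaping {

    /**
     * Escape the characters that can change meaning in HTML text and in
     * double-quoted attribute values. Hypothetical helper written for this
     * example; a real webapp should use the escaper its framework or a
     * maintained library provides.
     */
    public static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /** "Before": the From value is concatenated into the markup exactly as typed. */
    public static String renderErrorUnsafe(String from, String reason) {
        return "<p>Could not send mail from " + from + ": " + reason + "</p>";
    }

    /** "After": every untrusted value is escaped at the point it enters the HTML. */
    public static String renderErrorSafe(String from, String reason) {
        return "<p>Could not send mail from " + escapeHtml(from)
                + ": " + escapeHtml(reason) + "</p>";
    }

    /**
     * True if the rendered page still contains the untrusted value verbatim
     * and that value carries raw '<' or '>' characters, i.e. the input
     * reached the browser as markup rather than as text.
     */
    public static boolean leaksMarkup(String untrusted, String rendered) {
        boolean hasAngleBrackets = untrusted.indexOf('<') >= 0 || untrusted.indexOf('>') >= 0;
        return hasAngleBrackets && rendered.contains(untrusted);
    }

    public static void main(String[] args) {
        // Constructed sample values standing in for what a user types into the From field.
        // The third one is a legitimate display-name address; escaping keeps it readable
        // while still preventing its angle brackets from being parsed as tags.
        List<String> samples = Arrays.asList(
                "alice@example.com",
                "<b>alice</b>@example.com",
                "\"Alice\" <alice@example.com>");
        String reason = "relay not permitted";

        for (String from : samples) {
            String unsafe = renderErrorUnsafe(from, reason);
            String safe = renderErrorSafe(from, reason);
            System.out.println("input : " + from);
            System.out.println("unsafe: " + unsafe + "   leaks markup: " + leaksMarkup(from, unsafe));
            System.out.println("safe  : " + safe + "   leaks markup: " + leaksMarkup(from, safe));
            System.out.println();
        }
    }
}
```

Escaping is specific to the output context: the helper above is correct for HTML text and double-quoted attribute values, which is where an error message like this one lands, but a value placed inside a script block, a URL, or a CSS rule needs the encoder for that context instead. The leaksMarkup check is the kind of assertion a unit test for the page can keep, so a later refactor that drops the escaping call fails the build rather than reopening the issue.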
