JVNDB-2008-000069

Apache Tomcat from The Apache Software Foundation contains a vulnerability which may allow a user from a non-premitted IP address to gain access. Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies. Apache Tomcat contains a vulnerability which may allow a user from a non-permitted IP address to gain access to a protected context. This vulnerability was addressed and solved in ASF Bugzilla - Bug 25835. However there was no description regarding this vulnerability in ASF Bugzilla - Bug 25835. Therefore, The Apache Tomcat Development Team has decided to publish an advisory regarding this issue. Kenichi Tsukamoto of Development Dept. II Application Management Middleware Div. FUJITSU LIMITED reported this vulnerability to IPA. JPCERT/CC coordinated with The Apache Software Foundation and the vendors under Information Security Early Warning Partnership.