CVE-2011-1184

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.

Affected Software

Name	Vendor	Start Version	End Version
Tomcat	Apache	5.5.0 (including)	5.5.0 (including)
Tomcat	Apache	5.5.1 (including)	5.5.1 (including)
Tomcat	Apache	5.5.2 (including)	5.5.2 (including)
Tomcat	Apache	5.5.3 (including)	5.5.3 (including)
Tomcat	Apache	5.5.4 (including)	5.5.4 (including)
Tomcat	Apache	5.5.5 (including)	5.5.5 (including)
Tomcat	Apache	5.5.6 (including)	5.5.6 (including)
Tomcat	Apache	5.5.7 (including)	5.5.7 (including)
Tomcat	Apache	5.5.8 (including)	5.5.8 (including)
Tomcat	Apache	5.5.9 (including)	5.5.9 (including)
Tomcat	Apache	5.5.10 (including)	5.5.10 (including)
Tomcat	Apache	5.5.11 (including)	5.5.11 (including)
Tomcat	Apache	5.5.12 (including)	5.5.12 (including)
Tomcat	Apache	5.5.13 (including)	5.5.13 (including)
Tomcat	Apache	5.5.14 (including)	5.5.14 (including)
Tomcat	Apache	5.5.15 (including)	5.5.15 (including)
Tomcat	Apache	5.5.16 (including)	5.5.16 (including)
Tomcat	Apache	5.5.17 (including)	5.5.17 (including)
Tomcat	Apache	5.5.18 (including)	5.5.18 (including)
Tomcat	Apache	5.5.19 (including)	5.5.19 (including)
Tomcat	Apache	5.5.20 (including)	5.5.20 (including)
Tomcat	Apache	5.5.21 (including)	5.5.21 (including)
Tomcat	Apache	5.5.22 (including)	5.5.22 (including)
Tomcat	Apache	5.5.23 (including)	5.5.23 (including)
Tomcat	Apache	5.5.24 (including)	5.5.24 (including)
Tomcat	Apache	5.5.25 (including)	5.5.25 (including)
Tomcat	Apache	5.5.26 (including)	5.5.26 (including)
Tomcat	Apache	5.5.27 (including)	5.5.27 (including)
Tomcat	Apache	5.5.28 (including)	5.5.28 (including)
Tomcat	Apache	5.5.29 (including)	5.5.29 (including)
Tomcat	Apache	5.5.30 (including)	5.5.30 (including)
Tomcat	Apache	5.5.31 (including)	5.5.31 (including)
Tomcat	Apache	5.5.32 (including)	5.5.32 (including)
Tomcat	Apache	5.5.33 (including)	5.5.33 (including)
JBEWP 5 for RHEL 5	RedHat	jbossweb-0:2.1.12-3_patch_03.2.ep5.el5	*
JBEWP 5 for RHEL 6	RedHat	jbossweb-0:2.1.12-3_patch_03.2.ep5.el6	*
JBoss Communications Platform 5.1	RedHat		*
JBoss Enterprise BRMS Platform 5.1	RedHat		*
Red Hat Enterprise Linux 5	RedHat	tomcat5-0:5.5.23-0jpp.22.el5_7	*
Red Hat Enterprise Linux 6	RedHat	tomcat6-0:6.0.24-35.el6_1	*
Red Hat JBoss Enterprise Application Platform 4.3	RedHat		*
Red Hat JBoss Enterprise Application Platform 5.1	RedHat		*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4	RedHat	jbossweb-0:2.1.12-3_patch_03.2.ep5.el4	*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5	RedHat	jbossweb-0:2.1.12-3_patch_03.2.ep5.el5	*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6	RedHat	jbossweb-0:2.1.12-3_patch_03.2.ep5.el6	*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5	RedHat	tomcat5-0:5.5.33-27_patch_07.ep5.el5	*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5	RedHat	tomcat6-0:6.0.32-24_patch_07.ep5.el5	*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6	RedHat	tomcat5-0:5.5.33-28_patch_07.ep5.el6	*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6	RedHat	tomcat6-0:6.0.32-24_patch_07.ep5.el6	*
Red Hat JBoss Portal 4.3	RedHat		*
Red Hat JBoss Portal 5.2	RedHat		*
Red Hat JBoss SOA Platform 5.2	RedHat		*
Red Hat JBoss Web Platform 5.1	RedHat		*
Red Hat JBoss Web Server 1.0	RedHat		*
Red Hat JBoss Web Server 1.0	RedHat		*
Tomcat5.5	Ubuntu	hardy	*
Tomcat5.5	Ubuntu	upstream	*
Tomcat6	Ubuntu	devel	*
Tomcat6	Ubuntu	lucid	*
Tomcat6	Ubuntu	maverick	*
Tomcat6	Ubuntu	natty	*
Tomcat6	Ubuntu	oneiric	*
Tomcat6	Ubuntu	upstream	*
Tomcat7	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1184
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References