 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.1.1.2023.5507 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DSA-5507-1) |
| Summary: | The remote host is missing an update for the Debian 'jetty9' package(s) announced via the DSA-5507-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'jetty9' package(s) announced via the DSA-5507-1 advisory. Vulnerability Insight: Multiple security vulnerabilities were found in Jetty, a Java based web server and servlet engine. The org.eclipse.jetty.servlets.CGI class has been deprecated. It is potentially unsafe to use it. The upstream developers of Jetty recommend to use Fast CGI instead. See also CVE-2023-36479. CVE-2023-26048 In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. CVE-2023-26049 Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. CVE-2023-40167 Prior to this version Jetty accepted the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. CVE-2023-36479 Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. CVE-2023-41900 Jetty is vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` is capable of rejecting previously authenticated users. For the oldstable distribution (bullseye), these problems have been fixed in version 9.4.39-3+deb11u2. For the stable distribution (bookworm), these problems have been fixed in version 9.4.50-4+deb12u1. We recommend that you ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'jetty9' package(s) on Debian 11, Debian 12. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-26048 Debian Security Information: DSA-5507 (Google Search) https://www.debian.org/security/2023/dsa-5507 https://github.com/eclipse/jetty.project/issues/9076 https://github.com/eclipse/jetty.project/pull/9344 https://github.com/eclipse/jetty.project/pull/9345 https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8 https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2023-26049 https://github.com/eclipse/jetty.project/pull/9339 https://github.com/eclipse/jetty.project/pull/9352 https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c https://www.rfc-editor.org/rfc/rfc2965 https://www.rfc-editor.org/rfc/rfc6265 Common Vulnerability Exposure (CVE) ID: CVE-2023-36479 https://github.com/eclipse/jetty.project/pull/9516 https://github.com/eclipse/jetty.project/pull/9888 https://github.com/eclipse/jetty.project/pull/9889 https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j Common Vulnerability Exposure (CVE) ID: CVE-2023-40167 https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6 https://www.rfc-editor.org/rfc/rfc9110#section-8.6 Common Vulnerability Exposure (CVE) ID: CVE-2023-41900 https://github.com/eclipse/jetty.project/pull/9528 https://github.com/eclipse/jetty.project/pull/9660 https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |