CVE-2006-6969 - OpenCVE

Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Jetty	Jetty Http Server

Configuration 1 [-]

OR	cpe:2.3:a:jetty:jetty_http_server:4.2.9:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.11:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.12:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.14:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.15:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.16:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.17:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.18:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.19:::::::*
	cpe:2.3:a:jetty:jetty_http_server:4.2.24:::::::*
	cpe:2.3:a:jetty:jetty_http_server:5.1.11:::::::*
	cpe:2.3:a:jetty:jetty_http_server:6.0.1:::::::*
	cpe:2.3:a:jetty:jetty_http_server:6.1.0_pre2:::::::*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2007-02/0070.html
http://fisheye.codehaus.org/changelog/jetty/?cs=1274
http://osvdb.org/33108
http://secunia.com/advisories/24070	Vendor Advisory
http://www.securityfocus.com/archive/1/459164/100/0/threaded
http://www.securityfocus.com/bid/22405	Vendor Advisory
http://www.vupen.com/english/advisories/2007/0497
https://exchange.xforce.ibmcloud.com/vulnerabilities/32240

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-07T11:00:00

Updated: 2018-10-16T14:57:01

Reserved: 2007-02-07T00:00:00

Link: CVE-2006-6969

JSON object: View

NVD Information

Status : Modified

Published: 2007-02-07T11:28:00.000

Modified: 2018-10-16T16:29:12.960

Link: CVE-2006-6969

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-22T00:00:00", "descriptions": [{"lang": "en", "value": "Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24070", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24070"}, {"name": "ADV-2007-0497", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0497"}, {"name": "jetty-sessionid-session-hijacking(32240)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32240"}, {"name": "33108", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33108"}, {"name": "22405", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22405"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://fisheye.codehaus.org/changelog/jetty/?cs=1274"}, {"name": "20070206 Re: Jetty Session ID Prediction", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2007-02/0070.html"}, {"name": "20070205 Jetty Session ID Prediction", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459164/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6969", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24070", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24070"}, {"name": "ADV-2007-0497", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0497"}, {"name": "jetty-sessionid-session-hijacking(32240)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32240"}, {"name": "33108", "refsource": "OSVDB", "url": "http://osvdb.org/33108"}, {"name": "22405", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22405"}, {"name": "http://fisheye.codehaus.org/changelog/jetty/?cs=1274", "refsource": "CONFIRM", "url": "http://fisheye.codehaus.org/changelog/jetty/?cs=1274"}, {"name": "20070206 Re: Jetty Session ID Prediction", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2007-02/0070.html"}, {"name": "20070205 Jetty Session ID Prediction", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459164/100/0/threaded"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6969", "datePublished": "2007-02-07T11:00:00", "dateReserved": "2007-02-07T00:00:00", "dateUpdated": "2018-10-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "09FD2684-87CF-4B4D-B3D1-7DE43609D2E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "B82462AC-665D-41C0-B198-AA52784DF4C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "6B21ED45-9C48-4547-BDCE-7EB12B03AAEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "BA62A170-2544-4D3D-8E22-21F35D2E9944", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "DF5CEA1C-1EC7-49D7-9485-FA8773DA2D8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "3F68F8E1-BF3C-4C99-BE93-985BB8AD51FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "D0F5EF68-A6FC-4FD7-8C36-4A8623C60622", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "858FCD10-5B40-4EA8-BA16-081EFC734695", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "01A293F8-45D0-46F3-93C3-A09542628FE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "238E835C-8C44-4514-A320-E7294683C5A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:5.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "DBDF1C6A-C804-4F51-BFF6-ECB4584E4DDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0ED02F5B-3F98-4603-B51B-DC5F7C81291C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:6.1.0_pre2:*:*:*:*:*:*:*", "matchCriteriaId": "F734C638-26EB-426E-8505-798F2DC526AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks."}, {"lang": "es", "value": "Jetty anterior al 4.2.27, 5.1 anterior al 5.1.12, 6.0 anterior al 6.0.2 y 6.1 anterior al 6.1.0pre3 genera identificadores de sesi\u00f3n predecibles utilizando java.util.random, lo que hace m\u00e1s f\u00e1cil para atacantes remotos el adivinar los identificadores de sesiones utilizando ataques de fuerza bruta y, posiblemente, llevar a cabo ataques de falsificaci\u00f3n de petici\u00f3n en sitios cruzados."}], "id": "CVE-2006-6969", "lastModified": "2018-10-16T16:29:12.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-07T11:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2007-02/0070.html"}, {"source": "cve@mitre.org", "url": "http://fisheye.codehaus.org/changelog/jetty/?cs=1274"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/33108"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24070"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/459164/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/22405"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0497"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32240"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}