ID CVE-2010-0557
Summary IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials.
References
Vulnerable Configurations
  • IBM Cognos Expres 9.0
    cpe:2.3:a:ibm:cognos_express:9.0
CVSS
Base: 7.5 (as of 08-02-2010 - 11:03)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Apache Tomcat Manager Application Deployer Authenticated Code Execution. CVE-2009-3548,CVE-2009-3843,CVE-2009-4188,CVE-2009-4189,CVE-2010-0557,CVE-2010-4094....
id EDB-ID:16317
last seen 2016-02-01
modified 2010-12-14
published 2010-12-14
reporter metasploit
source https://www.exploit-db.com/download/16317/
title Apache Tomcat Manager Application Deployer Authenticated Code Execution
metasploit via4
  • description This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
    id MSF:EXPLOIT/MULTI/HTTP/TOMCAT_MGR_DEPLOY
    last seen 2019-02-23
    modified 2018-08-20
    published 2013-01-07
    reliability Excellent
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/tomcat_mgr_deploy.rb
    title Apache Tomcat Manager Application Deployer Authenticated Code Execution
  • description This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
    id MSF:EXPLOIT/MULTI/HTTP/TOMCAT_MGR_UPLOAD
    last seen 2019-03-28
    modified 2018-08-20
    published 2014-01-27
    reliability Excellent
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/tomcat_mgr_upload.rb
    title Apache Tomcat Manager Authenticated Upload Code Execution
  • description This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass.
    id MSF:AUXILIARY/SCANNER/HTTP/TOMCAT_MGR_LOGIN
    last seen 2019-01-01
    modified 2018-02-13
    published 2013-02-20
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/tomcat_mgr_login.rb
    title Tomcat Application Manager Login Utility
nessus via4
NASL family Web Servers
NASL id TOMCAT_MANAGER_COMMON_CREDS.NASL
description Nessus was able to gain access to the Manager web application for the remote Tomcat server using a known set of credentials. A remote attacker can exploit this issue to install a malicious application on the affected server and run arbitrary code with Tomcat's privileges (usually SYSTEM on Windows, or the unprivileged 'tomcat' account on Unix). Note that worms are known to propagate this way.
last seen 2019-02-21
modified 2018-11-15
plugin id 34970
published 2008-11-26
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=34970
title Apache Tomcat Manager Common Administrative Credentials
packetstorm via4
data source https://packetstormsecurity.com/files/download/125021/tomcat_mgr_upload.rb.txt
id PACKETSTORM:125021
last seen 2016-12-05
published 2014-02-01
reporter rangercha
source https://packetstormsecurity.com/files/125021/Apache-Tomcat-Manager-Code-Execution.html
title Apache Tomcat Manager Code Execution
refmap via4
bid 38084
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21419179
osvdb 62118
secunia 38457
vupen ADV-2010-0297
saint via4
bid 38084
description IBM Cognos Express Server Backdoor Account Remote Code Execution
id misc_ibmcognosacco
osvdb 62118
title ibm_cognos_express_backdoor_account
type remote
Last major update 08-02-2010 - 00:00
Published 05-02-2010 - 17:30
Back to Top