Vulnerability Details : CVE-2009-0580
Public exploit exists!
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
Products affected by CVE-2009-0580
- cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.9:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*
Threat overview for CVE-2009-0580
Top countries where our scanners detected CVE-2009-0580
Top open port discovered on systems with this issue
80
IPs affected by CVE-2009-0580 11,520
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2009-0580!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2009-0580
91.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-0580
-
Apache Tomcat User Enumeration
First seen: 2020-04-26auxiliary/scanner/http/tomcat_enumThis module enumerates Apache Tomcat's usernames via malformed requests to j_security_check, which can be found in the web administration package. It should work against Tomcat servers 4.1.0 - 4.1.39, 5.5.0 - 5.5.27, and 6.0.0 - 6.0.18. Newer versions no longer hav
CVSS scores for CVE-2009-0580
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2009-0580
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0580
-
http://marc.info/?l=bugtraq&m=133469267822771&w=2
'[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CS' - MARC
-
http://marc.info/?l=bugtraq&m=129070310906557&w=2
'[security bulletin] HPSBUX02579 SSRT100203 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remot' - MARC
-
http://www.securityfocus.com/archive/1/504125/100/0/threaded
-
http://www.vupen.com/english/advisories/2009/1856
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://tomcat.apache.org/security-5.html
Apache Tomcat® - Apache Tomcat 5 vulnerabilitiesPatch;Vendor Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101
404 Not Found
-
http://svn.apache.org/viewvc?rev=781379&view=rev
Patch;Vendor Advisory
-
http://svn.apache.org/viewvc?rev=747840&view=rev
Patch;Vendor Advisory
-
http://www.debian.org/security/2011/dsa-2207
Debian -- Security Information -- DSA-2207-1 tomcat5.5
-
http://secunia.com/advisories/37460
About Secunia Research | Flexera
-
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/-Apache Mail Archives
-
http://tomcat.apache.org/security-4.html
Apache Tomcat® - Apache Tomcat 4.x vulnerabilitiesPatch;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=136485229118404&w=2
'[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remot' - MARC
-
http://www.securityfocus.com/archive/1/504045/100/0/threaded
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628
404 Not Found
-
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
VMSA-2009-0016.6
-
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/-Apache Mail Archives
-
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:012 - openSUSE Security Announce - openSUSE Mailing Lists
-
http://www.vupen.com/english/advisories/2009/3316
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://tomcat.apache.org/security-6.html
Apache Tomcat® - Apache Tomcat 6 vulnerabilitiesPatch;Vendor Advisory
-
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
http://secunia.com/advisories/35326
Vendor Advisory
-
http://securitytracker.com/id?1022332
-
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
http://marc.info/?l=bugtraq&m=127420533226623&w=2
'[security bulletin] HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Acces' - MARC
-
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
[SECURITY] Fedora 10 Update: tomcat6-6.0.20-1.fc10
-
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
http://www.vupen.com/english/advisories/2010/3056
Webmail | OVH- OVH
-
http://secunia.com/advisories/35788
About Secunia Research | Flexera
-
http://support.apple.com/kb/HT4077
About the security content of Security Update 2010-002 / Mac OS X v10.6.3 - Apple Support
-
http://secunia.com/advisories/42368
Sign in
-
http://secunia.com/advisories/35685
About Secunia Research | Flexera
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
Page not found - Mandriva.com
-
http://www.securityfocus.com/bid/35196
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
Page not found - Mandriva.com
-
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
[SECURITY] Fedora 12 Update: tomcat6-6.0.20-1.fc12
-
http://www.vupen.com/english/advisories/2009/1496
Patch;Vendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915
404 Not Found
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/50930
Apache Tomcat j_security_check information disclosure CVE-2009-0580 Vulnerability Report
-
http://www.securityfocus.com/archive/1/504108/100/0/threaded
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
mandriva.com
-
http://www.securityfocus.com/archive/1/507985/100/0/threaded
-
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/-Apache Mail Archives
-
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Apple - Lists.apple.com
-
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
[SECURITY] Fedora 11 Update: tomcat6-6.0.20-1.fc11
-
http://svn.apache.org/viewvc?rev=781382&view=rev
Patch;Vendor Advisory
-
http://secunia.com/advisories/35344
Vendor Advisory
Jump to