5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Jan. 14, 2010 Slava Semushin 0:6.0.18-alt6_8jpp5
- NMU
- Applied upstream patches to fix following vulnerabilities:
+ CVE-2009-0033: DoS when using Java AJP connector
(Closes: [#20313](<https://bugzilla.altlinux.org/20313>))
+ CVE-2009-0580: User enumeration vulnerability with FORM authentication
(Closes: [#20315](<https://bugzilla.altlinux.org/20315>))
+ CVE-2009-0781: XSS in calendar example