Apache Tomcat security restrictions bypass Vulnerability(CVE-2 0 1 6-6 7 9 7)-vulnerability warning-the black bar safety net

Apache Tomcat security restrictions bypass Vulnerability(CVE-2 0 1 6-6 7 9 7)

Release date: 2016-10-27

Update date: 2016-10-28

Affected system:

Apache Group Tomcat 7.0.0－7.0.70

Description:

BUGTRAQ ID: 9 3 9 4 0

CVE(CAN) ID: CVE-2 0 1 6-6 7 9 7

Apache Tomcat is a popular open source JSP application server program.

Apache Tomcat 7.0.0－7.0.70 in the realization of the presence of security restriction bypass vulnerability. An attacker could exploit this vulnerability to bypass certain security restrictions, perform unauthorized actions.

<*source: the Apache Tomcat security team

*>

Recommendations:

Manufacturers patch:

The Apache Group

------------

The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:

<https://tomcat.apache.org/security-7.html&gt;

http://svn.apache.org/viewvc?view=revision&revision=1 7 5 7 2 7 5