29 matches found
MiracleLinux 4 : tomcat6-6.0.24-55.AXS4 (AXSA:2013-467:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-467:03 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...
Oracle: Security Advisory (ELSA-2013-0870)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2013-0869)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0871)
Updated tomcat6 and tomcat7 packages that fix one security issue are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...
openSUSE Security Update : tomcat (openSUSE-SU-2013:1307-1)
Tomcat was updated to fix security issues and bug: CVE-2013-1976: Avoid a potential symlink race during startup of the tomcat server, where a local attacker that gaine access to the tomcat chroot could escalate privileges to root. CVE-2013-2067:...
SuSE 11.2 / 11.3 Security Update : tomcat6 (SAT Patch Numbers 8155 / 8156)
This update of tomcat6 fixes : - apache-tomcat-CVE-2012-3544.patch. bnc831119 - use chown --no-dereference to prevent symlink attacks on log bnc822177c7/prevents CVE-2013-1976 - Fix tomcat init scripts generating malformed classpath http://youtrack.jetbrains.com/issue/JT-18545 bnc804992 patch fro...
Oracle Linux 6 : tomcat6 (ELSA-2013-0869)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0869 advisory. - Related: rhbz955976 CVE-2013-1976. Changed log location - Resolves: rhbz956771 Related: CVE-2012-3439 digest - Resolves: rhbz955976 CVE-2013-1976...
Oracle Linux 5 : tomcat5 (ELSA-2013-0870)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0870 advisory. - Related: CVE-2013-1976 It was found during additional testing - Resolves: CVE-2013-1976 Improper TOMCATLOG management in Tenable has extracted the preceding...
CVE-2013-1976
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
CVE-2013-1976
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
CVE-2013-1976
CVE-2013-1976 affects Tomcat init scripts in RPMs for JBoss Enterprise Web Server 1.0.2/2.0.0 and Red Hat Enterprise Linux 5/6. The vulnerability arises from a symlink attack on log files (tomcat5-initd.log, tomcat6-initd.log, catalina.out, tomcat7-initd.log), allowing a local user to change owne...
CVE-2013-1976
Removed by vendor...
RedHat Update for tomcat5 RHSA-2013:0870-01
Check for the Version of tomcat5 OpenVAS Vulnerability Test RedHat Update for tomcat5 RHSA-2013:0870-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for tomcat6 RHSA-2013:0869-01
Check for the Version of tomcat6 OpenVAS Vulnerability Test RedHat Update for tomcat6 RHSA-2013:0869-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for tomcat5 CESA-2013:0870 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for tomcat5 RHSA-2013:0870-01
The remote host is missing an update for the Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Apache Tomcat 不安全临时文件处理漏洞(CVE-2013-1976)
BUGTRAQ ID: 60186 CVECAN ID: CVE-2013-1976 Apache Tomcat是一个流行的开源JSP应用服务器程序。 Apache Tomcat服务中init脚本在管理Tomcat日志文件时存在漏洞,本地攻击者可利用此漏洞造成拒绝服务,或者通过对Tomcat日志文件的符号链接攻击,以特权系统用户权限执行任意代码。 0 Apache Group Tomcat 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
RHEL 5 / 6 : tomcat5 and tomcat6 (RHSA-2013:0872)
Updated tomcat5 and tomcat6 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...
CentOS 5 : tomcat5 (CESA-2013:0870)
Updated tomcat5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CentOS 6 : tomcat6 (CESA-2013:0869)
Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...