Lucene search
+L

956 matches found

RedHat Linux
RedHat Linux
added 2012/01/31 10:55 p.m.65 views

Important: Red Hat Security Advisory: jbossweb security update

Updated jbossweb packages that fix multiple security issues are now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...

5CVSS6.2AI score0.80318EPSS
Exploits8References6
RedHat Linux
RedHat Linux
added 2012/01/19 5:21 p.m.4 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...

4.3CVSS6.1AI score0.0657EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/19 5:21 p.m.7 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability th...

5CVSS6.1AI score0.07628EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/19 5:21 p.m.6 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weak...

4.3CVSS6.1AI score0.06631EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/19 5:21 p.m.61 views

Moderate: Red Hat Security Advisory: jbossweb security update

An update for JBoss Enterprise Application Platform 4.3.0 CP10 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

5CVSS6.1AI score0.80318EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 2012/01/19 5:21 p.m.6 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

5CVSS6.2AI score0.0854EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2012/01/14 9:55 p.m.3 views

CVE-2011-5063

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weak...

5CVSS5.7AI score0.0854EPSS
Exploits0References28
OpenVAS
OpenVAS
added 2011/12/23 12:0 a.m.39 views

CentOS Update for tomcat5 CESA-2011:1845 centos5 i386

Check for the Version of tomcat5 OpenVAS Vulnerability Test CentOS Update for tomcat5 CESA-2011:1845 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

5CVSS6.2AI score0.10228EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2011/12/23 12:0 a.m.41 views

RedHat Update for tomcat5 RHSA-2011:1845-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.3AI score0.10228EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2011/12/21 12:0 a.m.52 views

RHEL 5 : tomcat5 (RHSA-2011:1845)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1845 advisory. - tomcat: file permission bypass flaw CVE-2010-3718 - tomcat: XSS vulnerability in HTML Manager interface CVE-2011-0013 - tomcat: Multiple...

5CVSS5.7AI score0.10228EPSS
Exploits3References15
Tenable Nessus
Tenable Nessus
added 2011/12/21 12:0 a.m.47 views

CentOS 5 : tomcat5 (CESA-2011:1845)

Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS5.8AI score0.10228EPSS
Exploits3References9
RedHat Linux
RedHat Linux
added 2011/12/20 5:16 p.m.6 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability th...

5CVSS6.1AI score0.07628EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/20 5:16 p.m.7 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...

4.3CVSS6.1AI score0.0657EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/20 5:16 p.m.6 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

5CVSS6.2AI score0.0854EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/20 5:16 p.m.52 views

Moderate: Red Hat Security Advisory: tomcat5 security update

Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS6.2AI score0.10228EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.15 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability th...

5CVSS6.1AI score0.07628EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.7 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...

4.3CVSS6.1AI score0.0657EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.12 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weak...

4.3CVSS6.1AI score0.06631EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.8 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

5CVSS6.2AI score0.0854EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.47 views

Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update

Updated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS6.4AI score0.15226EPSS
Exploits2References7
Rows per page
Query Builder