Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2012/02/02 10:17 p.m.7 views

tomcat: security manager restrictions bypass

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service infinite lo...

4.4CVSS6.1AI score0.00699EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/31 10:56 p.m.8 views

tomcat: security manager restrictions bypass

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service infinite lo...

4.4CVSS6.1AI score0.00699EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/12/05 5:39 p.m.47 views

Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update

Updated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS6.4AI score0.15226EPSS
Exploits2References7
Apache Tomcat
Apache Tomcat
added 2011/09/22 12:0 a.m.54 views

Fixed in Apache Tomcat 5.5.34

Moderate: Multiple weaknesses in HTTP DIGEST authentication CVE-2011-1184 Note: Mitre elected to break this issue down into multiple issues and have allocated the following additional references to parts of this issue: CVE-2011-5062, CVE-2011-5063 and CVE-2011-5064. The Apache Tomcat security tea...

7.5CVSS6.6AI score0.15226EPSS
Exploits2Affected Software1
securityvulns
securityvulns
added 2011/07/18 12:0 a.m.71 views

[SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2011-2526: Apache Tomcat Information disclosure and availability vulnerabilities Severity: low Vendor: The Apache Software Foundation Versions Affected: Tomcat 7.0.0 to 7.0.18 Tomcat 6.0.0 to 6.0.32 Tomcat 5.5.0 to 5.0.33 Previous, unsupported...

4.4CVSS5.3AI score0.00699EPSS
Exploits1
Rows per page
Query Builder