232 matches found
RedHat Update for tomcat6 RHSA-2014:0429-01
Check for the Version of tomcat6 OpenVAS Vulnerability Test RedHat Update for tomcat6 RHSA-2014:0429-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[ANN] Struts 2.3.16.2 GA release available - security fix
The Apache Struts group is pleased to announce that Struts 2.3.16.2 is available as a "General Availability" release.The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...
CentOS 6 : tomcat6 (CESA-2014:0429)
Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: tomcat6 security update
Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Debian Security Advisory DSA 2897-1 (tomcat7 - security update)
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login...
Important: Red Hat Security Advisory: jbossweb security update
An update for Red Hat JBoss Enterprise Application Platform 6.1.0 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score,...
openjpa: Remote arbitrary code execution by creating a serialized object and leveraging improperly secured server programs
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...
Debian Security Advisory DSA 2725-1 (tomcat6 - several vulnerabilities)
Two security issues have been found in the Tomcat servlet and JSP engine: CVE-2012-3544 The input filter for chunked transfer encodings could trigger high resource consumption through malformed CRLF sequences, resulting in denial of service. CVE-2013-2067 The FormAuthenticator module was vulnerab...
Oracle Linux 5 : Important: / tomcat (ELSA-2007-0327)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0327 advisory. jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 1.1-8jpp.1.0.2.el5 - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694...
DEBIAN-CVE-2013-1768
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...
tomcat6 security update
CentOS Errata and Security Advisory CESA-2013:0964 Updated tomcat6 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...
Apache Struts 'ParameterInterceptor'类OGNL安全绕过漏洞
Bugtraq ID:60082 Apache Struts框架是一个基于Java Servlets,JavaBeans, 和 JavaServer Pages JSP的Web应用框架的开源项目。 Apache Struts "ParameterInterceptor"类存在一个错误,允许远程攻击者利用漏洞修改服务端对象,如通过特制的OGNL表达式来执行任意命令。 0 Apache Struts 2.x 厂商解决方案 Apache Struts 2.3.14.1已经修复此漏洞,建议用户下载更新: http://struts.apache.org/...
Important: Red Hat Security Advisory: tomcat5 and tomcat6 security update
Updated tomcat5 and tomcat6 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...
Important: Red Hat Security Advisory: tomcat6 and tomcat7 security update
Updated tomcat6 and tomcat7 packages that fix one security issue are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...
Fedora Update for tomcat FEDORA-2013-7999
Check for the Version of tomcat OpenVAS Vulnerability Test Fedora Update for tomcat FEDORA-2013-7999 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
[SECURITY] Fedora 17 Update: tomcat-7.0.40-1.fc17
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
Moderate: Red Hat Security Advisory: jbossweb security update
Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1 that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...
Moderate: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Application Platform 6.0.1 which fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...
Moderate: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Application Platform 5.2.0 which fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...
Important: Red Hat Security Advisory: jbossas security update
Updated jbossas packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3.0 CP10 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVS...