75 matches found
CentOS 5 : tomcat (CESA-2008:0042)
Updated tomcat packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. A...
Low: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0CP02 security update
Updated JBoss Enterprise Application Platform JBEAP 4.3 packages that fix various security issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP02. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application...
RHEL 5 : tomcat (RHSA-2008:0042)
Updated tomcat packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. A...
Moderate: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. A...
Fixed in Apache Tomcat 5.5.26
Low: Session hi-jacking CVE-2007-5333 The previous fix for CVE-2007-3385 was incomplete. It did not consider the use of quotes or %5C within a cookie value. Affects: 5.5.0-5.5.25 Low: Elevated privileges CVE-2007-5342 The JULI logging component allows web applications to provide their own logging...
Debian DSA-1447-1 : tomcat5.5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3382 It was discovered that single quotes ' in cookies were treated as a delimiter, which could lead to an...
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
CVE-2007-5342
CVE-2007-5342 affects Apache Tomcat versions 5.5.9–5.5.25 and 6.0.0–6.0.15 where the default catalina.policy for the JULI logging component fails to restrict permissions for web applications. The underlying issue is that untrusted web apps can modify logging configuration options and overwrite a...
CVE-2004-2416
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request...
Sun Java Calendar Logging Component Unspecified Remote DoS
Binary data 4553.prm...
CVE-2002-0796
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges...
CVE-2002-0796
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges...
Format string bugs in mmmail/mmftpd
Format string bugs in logging...
Sudo 1.51.6 - Heap Corruption
Sudo 1.51.6 - Heap Corruption // source: https://www.securityfocus.com/bid/2829/info Sudo superuser do is a security utility that allows administrator to give 'restricted' superuser privileges to certain users. Sudo contains a locally exploitable buffer overrun vulnerability. The overrun conditio...
Sudo 1.5/1.6 - Heap Corruption
// source: https://www.securityfocus.com/bid/2829/info Sudo superuser do is a security utility that allows administrator to give 'restricted' superuser privileges to certain users. Sudo contains a locally exploitable buffer overrun vulnerability. The overrun condition exists in the logging...