51 matches found
Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update
Updated tomcat6 packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
tomcat: cross-site-scripting vulnerability in the manager application
Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...
Ubuntu Update for tomcat6 vulnerabilities USN-1097-1
Ubuntu Update for Linux kernel vulnerabilities USN-1097-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10971.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for tomcat6 vulnerabilities USN-1097-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
Apache Tomcat 6.0.x < 6.0.30 Multiple Vulnerabilities
Binary data 800609.prm...
USN-1048-1: Tomcat vulnerability
It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server...
Apache Tomcat 7.0.0 < 7.0.5
The version of Tomcat installed on the remote host is prior to 7.0.5. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.5security-7 advisory. - Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0....
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
$Id: tomcatmgrdeploy.rb 11330 2010-12-14 17:26:44Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Fixed in Apache Tomcat 7.0.5
Low: Cross-site scripting CVE-2010-4172 The Manager application used the user provided parameters sort and orderBy directly without filtering thereby permitting cross-site scripting. The CSRF protection, which is enabled by default, prevents an attacker from exploiting this. This was fixed in...
Apache Tomcat crossite scripting
Crossite srcripting in Manager application...
Apache Tomcat < 6.0.18 Multiple Vulnerabilities
According to its self-reported version number, the instance of Apache Tomcat listening on the remote host is prior to 6.0.18. It is, therefore, affected by multiple vulnerabilities : - The remote Apache Tomcat installation is affected by a cross-site scripting vulnerability in the...
Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)
Check for the Version of tomcat5 OpenVAS Vulnerability Test Mandriva Update for tomcat5 MDVSA-2008:188 tomcat5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...