5 matches found
Debian Security Advisory DSA 246-1 (tomcat)
The remote host is missing an update to tomcat announced via advisory DSA 246-1. OpenVAS Vulnerability Test $Id: deb2461.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 246-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
CVE-2003-0043
Affected software: Jakarta Tomcat prior to 3.3.1a when used with JDK 1.3.1 or earlier. Root cause: processing of web.xml uses trusted privileges, enabling remote attackers to read portions of some files. Impact: information disclosure (partial). Exploitation details are not provided in the suppli...
CVE-2003-0043
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file...
CVE-2003-0043
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file...
Fixed in Apache Tomcat 3.3.1a
Important: Information disclosure CVE-2003-0043 When used with JDK 1.3.1 or earlier, web.xml files were read with trusted privileges enabling files outside of the web application to be read even when running under a security manager. Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1 Important:...