5 matches found
RHEL 3 / 4 : tomcat in Satellite Server (RHSA-2007:1069)
Updated tomcat packages that fix multiple security issues are now available for Red Hat Network Satellite Server. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. ...
SLES10: Security update for Tomcat 5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: tomcat5 tomcat5-admin-webapps tomcat5-webapps More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the...
Moderate: Red Hat Security Advisory: Red Hat Network Satellite Server security update
Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...
CVE-2006-3835
CVE-2006-3835 affects Apache Tomcat 5 before 5.5.17. The vulnerability allows remote attackers to list directories by using a semicolon before a filename with a mapped extension, as shown by URLs like /;index.jsp or /;help.do. The initial description confirms the condition; related advisories (GH...
Fixed in Apache Tomcat 5.5.13, 5.0.SVN
Low: Directory listing CVE-2006-3835 This is expected behaviour when directory listings are enabled. The semicolon ; is the separator for path parameters so inserting one before a file name changes the request into a request for a directory with a path parameter. If directory listings are enabled...