Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.48 views

SuSE9 Security Update : Tomcat (YOU Patch Number 12078)

Fixed various issues in tomcat : - modjk directory traversal. CVE-2007-1860 - Handling of cookies containing a ' character. CVE-2007-3382 - Handling of a double-quote character in cookies. CVE-2007-3385 - tomcat path traversal / information leak. CVE-2007-5641 - tomcat HTTP Request Smuggling...

6.8CVSS4.9AI score0.40255EPSS
Exploits9References12
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.33 views

Gentoo Security Advisory GLSA 200708-15 (mod_jk)

The remote host is missing updates announced in advisory GLSA 200708-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5CVSS0.1AI score0.12924EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.65 views

Moderate: Red Hat Security Advisory: Red Hat Network Satellite Server security update

Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...

10CVSS6.5AI score0.90768EPSS
Exploits29References3
Tenable Nessus
Tenable Nessus
added 2008/02/29 12:0 a.m.46 views

openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)

Fixed various issues in tomcat : - CVE-2006-7196: Cross-site scripting XSS vulnerability in example JSP applications - CVE-2007-3382: Handling of cookies containing a ' character - CVE-2007-3385: Handling of ' in cookies - CVE-2007-5641: tomcat path traversal / information leak - CVE-2007-1860:...

6.8CVSS4.8AI score0.72168EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2008/02/27 12:0 a.m.42 views

SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 4990)

Cross-site scripting XSS vulnerability in example JSP applications. CVE-2006-7196 - Handling of cookies containing a ' character. CVE-2007-3382 - Handling of ' in cookies. CVE-2007-3385 - tomcat path traversal / information leak. CVE-2007-5641 - directory traversal. CVE-2007-1860 - tomcat https...

6.8CVSS4.8AI score0.72168EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2007/08/02 12:0 a.m.83 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-007)

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...

10CVSS8AI score0.90768EPSS
Exploits55References45
RedHat Linux
RedHat Linux
added 2007/05/30 4:27 p.m.47 views

Important: Red Hat Security Advisory: mod_jk security update

Updated modjk packages that fix a security issue are now available for Red Hat Application Stack v1.1. This update has been rated as having Important security impact by the Red Hat Security Response Team. modjk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HT...

5CVSS5.7AI score0.12924EPSS
Exploits1References2
NVD
NVD
added 2007/05/25 6:30 p.m.33 views

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

5CVSS6.4AI score0.12924EPSS
Exploits1References34
UbuntuCve
UbuntuCve
added 2007/05/25 6:30 p.m.32 views

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

5CVSS6AI score0.12924EPSS
Exploits1References1
OSV
OSV
added 2007/05/25 6:30 p.m.6 views

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

6.4AI score
Exploits0References35
Cvelist
Cvelist
added 2007/05/25 6:0 p.m.45 views

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

6.3AI score0.12924EPSS
Exploits1References34
CVE
CVE
added 2007/05/25 6:0 p.m.122 views

CVE-2007-1860

CVE-2007-1860 affects the Apache Tomcat JK Web Server Connector (mod_jk) in 1.2.x before 1.2.23. The flaw arises because mod_jk decodes request URLs within Apache before passing them to Tomcat, enabling directory traversal through crafted URLs (e.g., double-encoded .. sequences via a JkMount pref...

5CVSS6.2AI score0.12924EPSS
Exploits1References34Affected Software1
Rows per page
Query Builder