17 matches found
Apache Tomcat < 6.0.14 Multiple Vulnerabilities
According to its self-reported version number, the Apache Tomcat instance listening on the remote host is prior to 6.0.14. It is, therefore, affected by the following vulnerabilities : - Cross-site scripting XSS vulnerabilities exists due to improper validation of user-supplied input before...
Oracle: Security Advisory (ELSA-2007-0871)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 : Moderate: / tomcat (ELSA-2007-0871)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0871 advisory. 5.5.23-0jpp.3.0.2 - Patch for CVE-2007-3382 and CVE-2007-3385 Resolves: rhbz254155 5.5.23-0jpp.3.0.1 - Patch for CVE-2007-3386 Resolves: rhbz254155...
CentOS 5 : tomcat (CESA-2007:0871)
Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and Java Server Pages technologies. Tomcat...
SLES10: Security update for Websphere Community Edition
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: websphere-asce More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText:...
Fedora Update for tomcat5 FEDORA-2007-3456
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tomcat5 FEDORA-2007-3474
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tomcat5 FEDORA-2008-1467
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 8 : tomcat5-5.5.27-0jpp.2.fc8 (2008-8130)
Mon Sep 15 2008 David Walluck 0:5.5.27-0jpp.2 - add commons-io symlink - Mon Sep 15 2008 David Walluck 0:5.5.27-0jpp.1 - 5.5.27 Resolves: rhbz456120 Resolves: rhbz457934 Resolves: rhbz446393 Resolves: rhbz457597 - Tue Feb 12 2008 Devrim GUNDUZ 0:5.5.26-1jpp.2 - Rebuilt - Fri Feb 8 2008 Devrim...
Fedora 8 : tomcat5-5.5.26-1jpp.2.fc8 (2008-1603)
Tue Feb 12 2008 Devrim GUNDUZ 0:5.5.26-1jpp.2 - Rebuilt - Fri Feb 8 2008 Devrim GUNDUZ 0:5.5.26-1jpp.1 - Update to new upstream version, which also fixes the following : - CVE-2007-5342 - CVE-2007-5333 - CVE-2007-5461 - CVE-2007-6286 - Removed patch20, now in upstream. - Sat Jan 5 2008 Devrim...
Fedora 7 : tomcat5-5.5.26-1jpp.2.fc7 (2008-1467)
---------------------------------------------------------------------- ---------- ChangeLog : - Tue Feb 12 2008 Devrim GUNDUZ 0:5.5.26-1jpp.2 - Rebuilt - Fri Feb 8 2008 Devrim GUNDUZ 0:5.5.26-1jpp.1 - Update to new upstream version, which also fixes the following : - CVE-2007-5342 - CVE-2007-5333...
[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1447-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 03, 2008 http://www.debian.org/security/faq -...
Security fix for the ALT Linux 5 package tomcat5 version 0:5.5.25-alt1_1.1jpp5.0
Nov. 30, 2007 Igor Vlasenko 0:5.5.25-alt11.1jpp5.0 - Updated to 5.5.25, to fix the following issues: CVE-2007-1355 CVE-2007-3386 CVE-2007-3385 CVE-2007-3382 CVE-2007-2450 CVE-2007-2449 - Applied patch20 for CVE-2007-5461 - Applied patch21 for CVE-2007-1358 - Add jasper-eclipse subpackage which is...
Fedora 8 : tomcat5-5.5.25-1jpp.1.fc8 (2007-3474)
Updated Tomcat5 packages that fix several security bugs are now available for Fedora Core 8. This update includes fixes to the following : - CVE-2007-1355 - CVE-2007-3386 - CVE-2007-3385 - CVE-2007-3382 - CVE-2007-2450 - CVE-2007-2449 - CVE-2007-5461 - CVE-2007-1358 All users of tomcat are advise...
Moderate: tomcat security update
5.5.23-0jpp.3.0.2 - Patch for CVE-2007-3382 and CVE-2007-3385 Resolves: rhbz254155 5.5.23-0jpp.3.0.1 - Patch for CVE-2007-3386 Resolves: rhbz254155...
CVE-2007-3386
Cross-site scripting XSS vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...
CVE-2007-3386.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-3386: XSS in Host Manager Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 6.0.0 to 6.0.13 5.5.0 to 5.5.24 Description: The Host Manager Servlet does not filter user supplied data before display. Th...