
27 matches found

Packet Storm
added 2024/08/31 12:0 a.m. | 218 views

Tomcat UTF-8 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tomcat UTF-8 Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal vulnerability is present in...

CVSS 4.3 | AI score 7 | EPSS 0.99708
Exploits: 22

SUSE CVE
added 2023/02/15 6:7 a.m. | 6 views

SUSE CVE-2008-2938

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

CVSS 4.3 | AI score 5.2 | EPSS 0.99708
Exploits: 22 | References: 7

Tenable Nessus
added 2012/08/01 12:0 a.m. | 65 views

Scientific Linux Security Update : tomcat on SL5.x i386/x86_64

A cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. CVE-2008-1232 An additional cross-site scripting vulnerability was discovered in the host manager application. A...

CVSS 5 | AI score 6.1 | EPSS 0.99708
Exploits: 27 | References: 5

Metasploit
added 2011/09/22 7:34 a.m. | 78 views

TrendMicro Data Loss Prevention 5.5 Directory Traversal

This module tests whether a directory traversal vulnerability is present in Trend Micro DLP Data Loss Prevention Appliance v5.5 build 'TrendMicro Data Loss Prevention 5.5 Directory Traversal', 'Description' = %q This module tests whether a directory traversal vulnerability is present in Trend Mic...

CVSS 4.3 | AI score 7.2 | EPSS 0.99708
Exploits: 22

OpenVAS
added 2011/06/14 12:0 a.m. | 36 views

Trend Micro Data Loss Prevention 5.5 Directory Traversal Vulnerability

Trend Micro Data Loss Prevention is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...

CVSS 4.3 | AI score 6.3 | EPSS 0.99708
Exploits: 22 | References: 2

Exploit DB
added 2010/07/28 12:0 a.m. | 57 views

Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal

/Apache Tomcat include include include include include include include include include include define EXPLOIT "GET /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.0\n\n" define RCVBUFSIZE 9999 define tester "root:x" void cls char esc = 27; printf"%c%s",esc,"2J"; printf"%c%s",esc,"1;1H";...

AI score 7.4
Exploits: 0

Packet Storm
added 2010/07/28 12:0 a.m. | 155 views

Apache Tomcat UTF-8 Directory Traversal

/Apache Tomcat include include include include include include include include include include define EXPLOIT "GET /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.0\n\n" define RCVBUFSIZE 9999 define tester "root:x" void cls char esc = 27; printf"%c%s",esc,"2J"; printf"%c%s",esc,"1;1H";...

CVSS 4.3 | AI score 0.4 | EPSS 0.99708
Exploits: 22

Check Point Advisories
added 2009/11/01 12:0 a.m. | 14 views

Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)

Apache Tomcat is an implementation of the Java Servlet and JavaServer pages technologies. The software provides the servlet container used in development and deployment of Java based web applications. Users access Tomcat applications using web browsers that communicate to the server via the HTTP...

CVSS 5 | AI score 6.7 | EPSS 0.99708
Exploits: 24

OpenVAS
added 2009/10/13 12:0 a.m. | 43 views

SLES10: Security update for Websphere Community Edition

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: websphere-asce More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText:...

CVSS 7.5 | AI score 5.5 | EPSS 0.99708
Exploits: 39 | References: 1

OpenVAS
added 2009/10/13 12:0 a.m. | 33 views

SLES10: Security update for Tomcat 5

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: tomcat5 tomcat5-admin-webapps tomcat5-webapps More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the...

CVSS 4.3 | AI score 7.6 | EPSS 0.99708
Exploits: 22 | References: 1

OpenVAS
added 2009/10/10 12:0 a.m. | 41 views

SLES9: Security update for Tomcat

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache-jakarta-tomcat-connectors apache2-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please vis...

CVSS 4.3 | AI score 7.6 | EPSS 0.99708
Exploits: 22 | References: 1

Tenable Nessus
added 2009/09/24 12:0 a.m. | 49 views

SuSE9 Security Update : Tomcat (YOU Patch Number 12232)

This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. CVE-2008-2938 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

CVSS 4.3 | AI score 5.2 | EPSS 0.99708
Exploits: 22 | References: 2

Tenable Nessus
added 2009/07/21 12:0 a.m. | 54 views

openSUSE Security Update : tomcat6 (tomcat6-161)

This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. CVE-2008-2938 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update tomcat6-161. The...

CVSS 4.3 | AI score 5.2 | EPSS 0.99708
Exploits: 22 | References: 2

OpenVAS
added 2009/02/17 12:0 a.m. | 29 views

Fedora Update for tomcat5 FEDORA-2008-8113

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 5 | AI score 7.7 | EPSS 0.99708
Exploits: 27 | References: 2

securityvulns
added 2009/01/11 12:0 a.m. | 132 views

Java Runtime UTF-8 Decoder Smuggling Vector

Due to misconfiguration of mailing lists, it was just pointed out this is already public. Apologies to those vendors who have not reacted to Sun's announcements of December 2nd in a timely manner; Mitre ID: CVE-2008-2938 Initial title: Java Runtime UTF-8 Decoding Flaw Actual title: Java Runtime...

CVSS 4.3 | AI score 7.4 | EPSS 0.99708
Exploits: 22

RedHat Linux
added 2008/12/08 9:2 a.m. | 60 views

Low: Red Hat Security Advisory: tomcat security update for Red Hat Network Satellite Server

Updated tomcat packages that fix multiple security issues are now available for Red Hat Network Satellite Server. This update has been rated as having low security impact by the Red Hat Security Response Team. This update corrects several security vulnerabilities in the Tomcat component shipped a...

CVSS 5 | AI score 6.6 | EPSS 0.99708
Exploits: 29 | References: 7

Tenable Nessus
added 2008/09/11 12:0 a.m. | 37 views

openSUSE 10 Security Update : tomcat55 (tomcat55-5547)

This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. CVE-2008-2938 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update tomcat55-5547. T...

CVSS 4.3 | AI score 5.2 | EPSS 0.99708
Exploits: 22 | References: 1

Tenable Nessus
added 2008/09/10 12:0 a.m. | 37 views

openSUSE 10 Security Update : tomcat5 (tomcat5-5542)

This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. CVE-2008-2938 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update tomcat5-5542. Th...

CVSS 4.3 | AI score 5.2 | EPSS 0.99708
Exploits: 22 | References: 1

RedHat Linux
added 2008/08/27 5:13 p.m. | 53 views

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

CVSS 5 | AI score 6.6 | EPSS 0.99708
Exploits: 27 | References: 5

Oracle linux
added 2008/08/27 12:0 a.m. | 53 views

tomcat security update

5.5.23-0jpp.7.el52.1 - add patch for CVE-2008-1232 Resolves: rhbz457727 - add patch for CVE-2008-1947 Resolves: rhbz449916 - add patch for CVE-2008-2370 Resolves: rhbz458634 - add patch for CVE-2008-2938 Resolves: rhbz456214...

CVSS 5 | AI score 2.1 | EPSS 0.99708
Exploits: 27