17 matches found
Directory traversal
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...
VMSA-2010-0012 : VMware vCenter Update Manager Fix for Jetty Web Server
The version of VMware vCenter Update Manager installed on the remote Windows host is 4.0 earlier than Update 3 or 4.1 earlier than Update 1. The installed version is, therefore, potentially affected by multiple vulnerabilities in the embedded Jetty Web server : - A directory traversal vulnerabili...
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
a. VMware vCenter Update Manager Jetty Web server vulnerabilities VMware vCenter Update Manager is an automated patch management solution for VMware ESX hosts and Microsoft virtual machines. Update Manager embeds the Jetty Web server which is a third party component. The default version of the...
VMSA-2010-0012:VMware vCenter Update Manager fix for Jetty Web server addresses HIGH security vulnerabilities
VMSA-2010-0012.2 VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0012.2 VMware Security Advisory Synopsis: VMware vCenter Update Manager fix for Jetty Web server addresses...
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
The remote host is missing an update to jetty5 announced via advisory MDVSA-2009:291. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
openSUSE Security Update : jetty5 (jetty5-1531)
This update fixes a directory traversal bug in jetty5's HTTP server. CVE-2009-1523: CVSS v2 Base Score: 7.1 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update jetty5-1531. The text description of...
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection Jetty 6.x and 7.x Multiple Vulnerabilities Name Multiple Vulnerabilities in Jetty Systems Affected Jetty 7.0.0 and earlier versions Severity Medium Impact CVSSv2 Medium 5/10, vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Vendor...
Fedora Core 9 FEDORA-2009-5500 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5500. OpenVAS Vulnerability Test $Id: fcore20095500.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5500 jetty Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 11 FEDORA-2009-5509 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5509. OpenVAS Vulnerability Test $Id: fcore20095509.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5509 jetty Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 10 FEDORA-2009-5513 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5513. OpenVAS Vulnerability Test $Id: fcore20095513.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5513 jetty Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 10 FEDORA-2009-5513 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5513. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 11 FEDORA-2009-5509 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5509. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-5500 (jetty)
The remote host is missing an update to jetty announced via advisory FEDORA-2009-5500. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora 11 : jetty-5.1.15-4.fc11 (2009-5509)
This build upgrades jetty to 5.1.15 which addresses CVE-2009-1523. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 10 : jetty-5.1.15-3.fc10 (2009-5513)
This bug upgrades jetty to 5.1.15 which addresses CVE-2009-1523. Wed Feb 11 2009 Jeff Johnston 5.1.14-1.10 - Rename jettyc back to .jettyrc. - Resolves 485012 Tue Feb 03 2009 Jeff Johnston 5.1.14-1.9 - Change %%sysconfdir/init.d references to be %%initrddir - Resolves 473585 Mon Feb 02 2009 Jeff...
CVE-2009-1523
CVE-2009-1523 affects Mort Bay Jetty HTTP servers (Jetty 5.1.14, 6.x
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
Jetty is prone to a cross-site scripting vulnerability and an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...