Lucene search
K

8 matches found

Saint
Saint
added 2010/11/05 12:0 a.m.71 views

HP Performance Manager Apache Tomcat Policy Bypass

Added: 11/05/2010 CVE: CVE-2009-3548 BID: 36954 OSVDB: 60176 Background HP Performance Manager Software is a web-based analysis and visualization tool that analyzes performance trends of applications, systems, and services. HP Performance Manager incorporates Apache Tomcat 5 to help serve custom...

7.5CVSS8.5AI score0.78995EPSS
Exploits10
Saint
Saint
added 2010/11/05 12:0 a.m.80 views

HP Performance Manager Apache Tomcat Policy Bypass

Added: 11/05/2010 CVE: CVE-2009-3548 BID: 36954 OSVDB: 60176 Background HP Performance Manager Software is a web-based analysis and visualization tool that analyzes performance trends of applications, systems, and services. HP Performance Manager incorporates Apache Tomcat 5 to help serve custom...

7.5CVSS8.5AI score0.78995EPSS
Exploits10
Prion
Prion
added 2010/10/26 6:0 p.m.35 views

Default credentials

The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default password for the ADMIN account, which makes it easier for remote attackers to execute arbitrary code by leveraging access to the manager role. NOTE: this might overlap CVE-2009-3548...

5CVSS7.6AI score0.78995EPSS
Exploits14References7
CVE
CVE
added 2010/10/26 5:0 p.m.131 views

CVE-2010-4094

Technical details for CVE-2010-4094 are not publicly provided in the supplied documents; monitor for updates.

5CVSS7.4AI score0.64496EPSS
Exploits9References7Affected Software2
securityvulns
securityvulns
added 2010/05/20 12:0 a.m.90 views

[security bulletin] HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Access, Cross Site Scripting (XSS), Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02181353 Version: 1 HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Access, Cross Site Scripting XSS, Denial of Service DoS NOTICE: The information in this Security...

7.5CVSS0.3AI score0.9444EPSS
Exploits18
Apache Tomcat
Apache Tomcat
added 2010/04/20 12:0 a.m.53 views

Fixed in Apache Tomcat 5.5.29

Low: Arbitrary file deletion and/or alteration on deploy CVE-2009-2693 When deploying WAR files, the WAR files were not checked for directory traversal attempts. This allows an attacker to create arbitrary content outside of the web root by including entries such as ../../bin/catalina.sh in the...

7.5CVSS5.9AI score0.78995EPSS
Exploits10Affected Software1
CVE
CVE
added 2009/11/12 11:0 p.m.157 views

CVE-2009-3548

CVE-2009-3548 affects the Windows installer for Apache Tomcat (versions 6.0.0–6.0.20 and 5.5.0–5.5.28, possibly earlier). The underlying issue is a blank default password for the administrative user, which can be exploited remotely to gain administrative privileges. The linked connected documents...

7.5CVSS7.8AI score0.78995EPSS
Exploits10References26Affected Software1
seebug.org
seebug.org
added 2009/11/10 12:0 a.m.130 views

Apache Tomcat Windows安装程序默认空口令漏洞

BUGTRAQ ID: 36954 CVE ID: CVE-2009-3548 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Windows安装程序默认对管理用户设置了空口令。如果在安装过程中没有更改这个口令,就会使用空口令创建各种管理用户。 Tomcat 5.5.0 to 5.5.28 Tomcat 6.0.0 to 6.0.20 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.5CVSS7.3AI score0.78995EPSS
Exploits10
Rows per page
Query Builder