22 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-1157
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request fo...
RHEL 5 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: tomcat writable config files allow privilege escalation CVE-2016-6325 - Apache Tomcat 5.5.0 throu...
Security Bulletin: Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator
Summary IBM Sterling B2B Integrator has integrated multiple security vulnerability fixes from Apache Log4j, please see list of CVEs for vulnerability details Vulnerability Details CVEID: CVE-2017-5645 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system,...
Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
No description provided by source. CVE-2010-1157: Apache Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 6.0.0 to 6.0.26 - - Tomcat 5.5.0 to 5.5.29 Note: The unsupported Tomcat 3.x, 4.x and 5.0.x versions may also be...
openSUSE Security Update : tomcat6 (openSUSE-SU-2010:0616-1)
This update of tomcat fixes denial of service and information disclosure vulnerabilities which could potentially be exploited by remote attackers to crash tomcat or to obtain sensitive information CVE-2010-2227, CVE-2010-1157. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
RHEL 4 / 5 : jbossweb (RHSA-2010:0584)
An updated jbossweb package that fixes two security issues is now available for JBoss Enterprise Application Platform 4.2 and 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
The remote host is missing updates announced in advisory GLSA 201206-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Moderate: Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.2 update
JBoss Enterprise Web Server 1.0.2 is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
Apache Tomcat 5.5.x < 5.5.30 Multiple Vulnerabilities
Binary data 5786.pasl...
Apache Tomcat 6.0.x < 6.0.28 Multiple Vulnerabilities
Binary data 5788.pasl...
HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
Check for the Version of Apache Running Tomcat Servlet Engine OpenVAS Vulnerability Test HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...
HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
The remote host is missing an update for the Apache Running Tomcat Servlet Engine packages announced via the referenced advisory. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
SuSE 10 Security Update : tomcat5 (ZYPP Patch Number 7099)
This update of tomcat fixes denial of service and information disclosure vulnerabilities which could potentially be exploited by remote attackers to crash tomcat or to obtain sensitive information. CVE-2010-2227 / CVE-2010-1157 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...
openSUSE Security Update : tomcat6 (openSUSE-SU-2010:0616-1)
This update of tomcat fixes denial of service and information disclosure vulnerabilities which could potentially be exploited by remote attackers to crash tomcat or to obtain sensitive information CVE-2010-2227, CVE-2010-1157. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
openSUSE Security Update : tomcat6 (openSUSE-SU-2010:0616-1)
This update of tomcat fixes denial of service and information disclosure vulnerabilities which could potentially be exploited by remote attackers to crash tomcat or to obtain sensitive information CVE-2010-2227, CVE-2010-1157. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
SuSE9 Security Update : Tomcat (YOU Patch Number 12625)
This update of tomcat fixes a denial of service vulnerability and two information disclosure flaws which could potentially be exploited by remote attackers to crash tomcat or to obtain sensitive information. CVE-2010-2227, CVE-2010-1157 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The tex...
Important: Red Hat Security Advisory: jbossweb security update
An updated jbossweb package that fixes two security issues is now available for JBoss Enterprise Application Platform 4.2 and 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Fixed in Apache Tomcat 6.0.28
Important: Remote Denial Of Service and Information Disclosure Vulnerability CVE-2010-2227 Several flaws in the handling of the 'Transfer-Encoding' header were found that prevented the recycling of a buffer. A remote attacker could trigger this flaw which would cause subsequent requests to fail...
CVE-2010-1157
CVE-2010-1157 affects Apache Tomcat 5.5.0–5.5.29 and 6.0.0–6.0.26. The vulnerability allows an attacker to disclose the server’s hostname or IP by sending a request for a resource that requires BASIC or DIGEST authentication and then reading the realm field in the WWW-Authenticate header. The pro...