5 matches found
Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
The remote host is missing updates announced in advisory GLSA 201206-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...
CVE-2011-1475
CVE-2011-1475 affects Apache Tomcat 7.0.x prior to 7.0.12. The HTTP BIO connector mishandles HTTP pipelining, allowing remote attackers to read responses intended for other clients by examining HTTP packet data, due to a mix-up of responses for requests from different users. Impact is information...
Apache Tomcat 7.0.x < 7.0.12 Multiple Vulnerabilities
Binary data 5882.pasl...
Fixed in Apache Tomcat 7.0.12
Important: Information disclosure CVE-2011-1475 Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did not fully account for HTTP pipelining. As a result, when using HTTP pipelining a range of unexpected behaviours occurred including the mixing up of respons...