SUSE: Security Advisory (SUSE-SU-2013:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware Security Updates for vCenter Server (VMSA-2013-0006)

The version of VMware vCenter installed on the remote host is 5.1 prior to update 1. It therefore is potentially affected by the following vulnerabilities : - When deployed in an environment that uses Active Directory with anonymous LDAP binding enabled, VMware vCenter doesn't properly handle log...

SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)

This update of tomcat6 fixes the following security issues : - denial of service. CVE-2012-4534 - tomcat: HTTP NIO connector OOM DoS via a request with large headers. CVE-2012-2733 - tomcat: cnonce tracking weakness. CVE-2012-5885 - tomcat: authentication caching weakness. CVE-2012-5886 - tomcat:...

[USN-1637-1] Tomcat vulnerabilities

========================================================================== Ubuntu Security Notice USN-1637-1 November 21, 2012 tomcat6 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

FreeBSD Ports: tomcat

The remote host is missing an update to the system as announced in the referenced advisory. VID 4ca26574-2a2c-11e2-99c7-00a0d181e71d OpenVAS Vulnerability Test $ Description: Auto generated from VID 4ca26574-2a2c-11e2-99c7-00a0d181e71d Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: tomcat

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: tomcat

The remote host is missing an update to the system as announced in the referenced advisory. Copyright C 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities

According to its self-reported version number, the instance of Apache Tomcat 6.0 listening on the remote host is prior to Tomcat 6.0.36. It is, therefore, affected by multiple vulnerabilities : - A flaw exists within the parseHeaders function that allows for a crafted header to cause a remote...

Apache Tomcat 7.0.0 < 7.0.28 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.28. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.28security-7 advisory. - java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6...

CVE-2012-2733

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service memory consumption via a large amount of head...

CVE-2012-2733

CVE-2012-2733 involves Apache Tomcat’s HTTP NIO connector (java/org/apache/coyote/http11/InternalNioInputBuffer.java). The flaw does not properly restrict the request-header size in Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, allowing remote attackers to trigger memory consumption and cause a...

CVE-2012-2733

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service memory consumption via a large amount of head...

Fixed in Apache Tomcat 6.0.36

Important: Denial of service CVE-2012-2733 The checks that limited the permitted size of request headers were implemented too late in the request parsing process for the HTTP NIO connector. This enabled a malicious user to trigger an OutOfMemoryError by sending a single request with very large...

Fixed in Apache Tomcat 7.0.28

Important: Denial of service CVE-2012-2733 The checks that limited the permitted size of request headers were implemented too late in the request parsing process for the HTTP NIO connector. This enabled a malicious user to trigger an OutOfMemoryError by sending a single request with very large...