MiracleLinux 3 : tomcat5-5.5.23-0jpp.38.0.1.AXS3 (AXSA:2013-370:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-370:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

MiracleLinux 4 : tomcat6-6.0.24-48.AXS4 (AXSA:2013-27:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-27:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet...

SUSE: Security Advisory (SUSE-SU-2013:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:0228-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Privilege Escalation

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...

Oracle: Security Advisory (ELSA-2013-0623)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2013-0640)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 / 6 : tomcat5 (RHSA-2013:0641)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0641 advisory. Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls...

RHEL 6 : tomcat6 (RHSA-2013:0005)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0005 advisory. Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls...

RedHat Update for tomcat5 RHSA-2013:0640-01

The remote host is missing an update for the Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 5 : tomcat5 (CESA-2013:0640)

Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20130311)

It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal before the call to FormAuthenticatorauthenticate such as the Single-Sign-On valve, it was possible to bypass the security constraint checks in the FORM authenticator by...

CentOS 6 : tomcat6 (CESA-2013:0623)

Updated tomcat6 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

Important: Red Hat Security Advisory: tomcat5 security update

An update for the Apache Tomcat 5 component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...

Important: Red Hat Security Advisory: tomcat5 security update

Updated tomcat5 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score,...

tomcat5 security update

0:5.5.23-0jpp.38 - Resolves: CVE-2012-3439 rhbz882008 three DIGEST authentication - implementation - Resolves: CVE-2012-3546, rhbz913034 Bypass of security constraints. - Remove unneeded handling of FORM authentication in RealmBase...

tomcat6 security update

0:6.0.24-52 - Related: rhbz 882010 rhbz 883692 rhbz 883705 - Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate - to avoid building on ppc64, ppc, and x390x. 0:6.0.24-50 - Resolves: rhbz 882010 CVE-2012-3439 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 - three DIGEST...

Important: Red Hat Security Advisory: jbossweb security update

An update for JBoss Enterprise Portal Platform 5.2.2 and JBoss Enterprise SOA Platform 5.3.0 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...

SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)

This update of tomcat6 fixes the following security issues : - denial of service. CVE-2012-4534 - tomcat: HTTP NIO connector OOM DoS via a request with large headers. CVE-2012-2733 - tomcat: cnonce tracking weakness. CVE-2012-5885 - tomcat: authentication caching weakness. CVE-2012-5886 - tomcat:...

SuSE 10 Security Update : tomcat5 (ZYPP Patch Number 8397)

This update of tomcat5 fixed the following security issues : - tomcat: cnonce tracking weakness. CVE-2012-5885 - tomcat: stale nonce weakness. CVE-2012-5887 - tomcat: authentication caching weakness. CVE-2012-5886 - tomcat: affected by slowloris DoS. CVE-2012-5568 - tomcat: Bypass of security...