Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2014/04/09 12:0 a.m.73 views

Debian DSA-2897-1 : tomcat7 - security update

Multiple security issues were found in the Tomcat servlet and JSP engine : - CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the log...

7.5CVSS6.9AI score0.83175EPSS
Exploits16References12
Debian
Debian
added 2014/04/08 6:25 p.m.38 views

[SECURITY] [DSA 2897-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2897-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 08, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.1AI score0.83175EPSS
Exploits16
OpenVAS
OpenVAS
added 2014/04/08 12:0 a.m.38 views

Debian Security Advisory DSA 2897-1 (tomcat7 - security update)

Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login...

7.5CVSS0.2AI score0.83175EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2014/04/07 12:0 a.m.44 views

Debian: Security Advisory (DSA-2897-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.83175EPSS
Exploits16References3
securityvulns
securityvulns
added 2014/03/03 12:0 a.m.78 views

[security bulletin] HPSBMU02966 rev.1 - HP Operations Orchestration, Unauthorized Access to Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04125866 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04125866 Version: 1 HPSBMU02966 rev....

2.6CVSS0.4AI score0.06501EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.33 views

Amazon Linux AMI : tomcat7 (ALAS-2013-191)

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

2.6CVSS5.3AI score0.06501EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2013/07/03 3:38 p.m.51 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update

Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.8CVSS7.2AI score0.22913EPSS
Exploits8References8
OSV
OSV
added 2013/07/01 7:8 p.m.7 views

MGASA-2013-0191 Updated tomcat7 packages fix CVE-2013-2071

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

2.6CVSS5.7AI score0.06501EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2013/06/06 12:0 a.m.48 views

Apache Tomcat Information Disclosure Vulnerability (May 2013) - Windows

Apache Tomcat is prone to an information disclosure vulnerability. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

2.6CVSS5.8AI score0.06501EPSS
Exploits2References3
CVE
CVE
added 2013/06/01 10:0 a.m.130 views

CVE-2013-2071

CVE-2013-2071 affects Apache Tomcat 7.x prior to 7.0.40, where AsyncContextImpl.java may mishandle a RuntimeException thrown from an AsyncListener, potentially exposing elements of a previous request to a current one when a request is recorded by an application. The vulnerability is rooted in the...

2.6CVSS5.7AI score0.06501EPSS
Exploits2References14Affected Software1
OpenVAS
OpenVAS
added 2013/05/31 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-1841-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.2AI score0.11001EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2013/05/26 12:0 a.m.32 views

Fedora 19 : tomcat-7.0.40-2.fc19 (2013-7979)

Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

2.6CVSS5.3AI score0.06501EPSS
Exploits2References5
Amazon
Amazon
added 2013/05/24 12:0 a.m.41 views

Low: tomcat7

Issue Overview: java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for...

2.6CVSS6.5AI score0.06501EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/05/23 12:0 a.m.33 views

Fedora Update for tomcat FEDORA-2013-7999

Check for the Version of tomcat OpenVAS Vulnerability Test Fedora Update for tomcat FEDORA-2013-7999 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

2.6CVSS6.3AI score0.06501EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2013/05/23 12:0 a.m.33 views

Fedora Update for tomcat FEDORA-2013-7993

Check for the Version of tomcat OpenVAS Vulnerability Test Fedora Update for tomcat FEDORA-2013-7993 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

2.6CVSS6.3AI score0.06501EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2013/05/23 12:0 a.m.23 views

Fedora Update for tomcat FEDORA-2013-7993

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.4AI score0.06501EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/05/22 12:0 a.m.35 views

Fedora 18 : tomcat-7.0.40-1.fc18 (2013-7993)

Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

2.6CVSS5.3AI score0.06501EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2013/05/22 12:0 a.m.34 views

Fedora 17 : tomcat-7.0.40-1.fc17 (2013-7999)

Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

2.6CVSS5.3AI score0.06501EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2013/05/15 12:0 a.m.109 views

Apache Tomcat 7.0.0 < 7.0.40 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.40. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.40security-7 advisory. - java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not proper...

6.8CVSS6.9AI score0.1399EPSS
Exploits2References6
securityvulns
securityvulns
added 2013/05/10 12:0 a.m.79 views

CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.39 Description: Bug 54178 described a scenario where elements of a previo...

2.6CVSS0.7AI score0.06501EPSS
Exploits2
Rows per page
Query Builder