21 matches found
Debian DSA-2897-1 : tomcat7 - security update
Multiple security issues were found in the Tomcat servlet and JSP engine : - CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the log...
[SECURITY] [DSA 2897-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2897-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 08, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2897-1 (tomcat7 - security update)
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login...
Debian: Security Advisory (DSA-2897-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[security bulletin] HPSBMU02966 rev.1 - HP Operations Orchestration, Unauthorized Access to Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04125866 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04125866 Version: 1 HPSBMU02966 rev....
Amazon Linux AMI : tomcat7 (ALAS-2013-191)
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update
Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
MGASA-2013-0191 Updated tomcat7 packages fix CVE-2013-2071
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...
Apache Tomcat Information Disclosure Vulnerability (May 2013) - Windows
Apache Tomcat is prone to an information disclosure vulnerability. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2013-2071
CVE-2013-2071 affects Apache Tomcat 7.x prior to 7.0.40, where AsyncContextImpl.java may mishandle a RuntimeException thrown from an AsyncListener, potentially exposing elements of a previous request to a current one when a request is recorded by an application. The vulnerability is rooted in the...
Ubuntu: Security Advisory (USN-1841-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : tomcat-7.0.40-2.fc19 (2013-7979)
Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Low: tomcat7
Issue Overview: java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for...
Fedora Update for tomcat FEDORA-2013-7999
Check for the Version of tomcat OpenVAS Vulnerability Test Fedora Update for tomcat FEDORA-2013-7999 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for tomcat FEDORA-2013-7993
Check for the Version of tomcat OpenVAS Vulnerability Test Fedora Update for tomcat FEDORA-2013-7993 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for tomcat FEDORA-2013-7993
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : tomcat-7.0.40-1.fc18 (2013-7993)
Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 17 : tomcat-7.0.40-1.fc17 (2013-7999)
Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Apache Tomcat 7.0.0 < 7.0.40 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 7.0.40. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.40security-7 advisory. - java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not proper...
CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.39 Description: Bug 54178 described a scenario where elements of a previo...