62 matches found
MiracleLinux 4 : tomcat6-6.0.24-64.AXS4 (AXSA:2014-284:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-284:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...
Linux Distros Unpatched Vulnerability : CVE-2013-4286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain...
Security Bulletin: Apache Tomcat vulnerabilities on IBM SAN Volume Controller and Storwize Family (CVE-2013-4286 CVE-2013-4322 CVE-2014-0075 CVE-2014-0099)
Summary Security Bulletin: Apache Tomcat vulnerabilities on IBM SAN Volume Controller and Storwize Family CVE-2013-4286 CVE-2013-4332 CVE-2014-0075 CVE-2014-0099 Vulnerability Details Security Bulletin --- Summary --- Apache Tomcat DoS and unauthorized access vulnerabilities Vulnerability Details...
Security Bulletin: The IBM FlashSystem 840 product is affected by vulnerabilities in Apache Tomcat
Summary Security vulnerabilities have been discovered in Apache Tomcat Vulnerability Details CVE-ID: CVE-2013-4286, CVE-2013-4322, & CVE-2014-0033 DESCRIPTION: FlashSystem 840 uses Apache Tomcat. FlashSystem 840 runs an Apache Tomcat web server which enables the systems’ browser-based...
Security Bulletin: Apache Tomcat vulnerabilities on IBM SAN Volume Controller and Storwize Family (CVE-2013-4286 CVE-2013-4332 CVE-2014-0075 CVE-2014-0099)
Summary Apache Tomcat DoS and unauthorized access vulnerabilities Vulnerability Details This bulletin relates to vulnerabilities in the Apache Tomcat component which is used to provide the product’s management GUI. The CLI interface is unaffected. CVEID:CVE-2013-4286 DESCRIPTION: Apache Tomcat is...
Mageia: Security Advisory (MGASA-2014-0148)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Authorization Bypass
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that when JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length heade...
Security Bulletin: Apache Tomcat vulnerabilities on IBM System Storage Storwize V7000 Unified (CVE-2013-4286 CVE-2013-4332 CVE-2014-0075 CVE-2014-0099)
Summary Apache Tomcat DoS and unauthorized access vulnerabilities Vulnerability Details This bulletin relates to vulnerabilities in the Apache Tomcat component which is used to provide the product’s management GUI. The CLI interface is unaffected. CVEID: CVE-2013-4286 DESCRIPTION: Apache Tomcat i...
Security Bulletin: The IBM V840 product model number AE1 node is affected by vulnerabilities in Apache Tomcat
Summary Security vulnerabilities have been discovered in Apache Tomcat Vulnerability Details CVE-ID: CVE-2013-4286, CVE-2013-4322, & CVE-2014-0033 DESCRIPTION: FlashSystem V840-AE1 uses Apache Tomcat. FlashSystem V840-AE1 runs an Apache Tomcat web server which enables the systems’ browser-based...
Security Bulletin: Apache Tomcat security vulnerability issues on IBM Storwize V7000 Unified system (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)
Summary IBM Storwize V7000 Unified system is shipped with Apache Tomcat, for which fixes are available for four security vulnerabilities. Vulnerability Details CVEID: CVE-2013-4286 CVE-2014-0033 CVE-2013-4322 CVE-2013-4590 DESCRIPTION: Apache Tomcat is used in IBM Storwize V7000 Unified system fo...
Security Bulletin: Open Source Apache Tomcat - 4 issues (CVE-2013-4286) for RAF
Summary Previous releases of IBM Rational Automation Framework RAF are affected by the vulnerabilitie in Apache Tomcat that may allow remote attackers to influence the availability of the Framework Server. Vulnerability Details | Subscribe to My Notifications to be notified of important product...
Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-4286)
Summary IBM Rational Build Forge is shipped with an Apache Tomcat. Apache Tomcat has released a patch that contains security vulnerability fixes and BuildForge is affected. These fixes have been added to the Rational Build Forge 7.1.3.5 iFix2 and 8.0.0.2 release. Vulnerability Details | Subscribe...
Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerablity (CVE-2013-4286, CVE-2013-4322, CVE-2013-4590)
Summary Apache Tomcat is vulnerable affecting the Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...
Security Bulletin: Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4(CVE-2013-4286,CVE-2012-3544,CVE-2013-4322,CVE-2013-4590,CVE-2014-0033)
Summary Security vulnerabilities exist in Apache Tomcat which is shipped with IBM WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4. Vulnerability Details CVE ID: CVE-2013-4286 DESCRIPTION: Apache Tomcat before 6.0.39, and 7.x before 7.0.47, when an HTTP connector or AJP connecto...
Oracle Linux 7 : tomcat (ELSA-2017-2247)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2247 advisory. - Resolves: rhbz1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz1441481 CVE-2017-5647 tomcat: Incorre...
Debian DSA-3530-1 : tomcat6 - security update
Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Oracle: Security Advisory (ELSA-2014-0686)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : tomcat (MDVSA-2015:052)
Updated tomcat packages fix security vulnerabilities : Apache Tomcat 7.x before 7.0.47, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and...
Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_apache_tomcat4)
The remote Solaris system is missing necessary patches to address security updates : - Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data...
DLA-91-2 tomcat6 - regression update
Bulletin has no description...