13 matches found
Security Bulletin: The IBM FlashSystem 840 product is affected by vulnerabilities in Apache Tomcat
Summary Security vulnerabilities have been discovered in Apache Tomcat Vulnerability Details CVE-ID: CVE-2013-4286, CVE-2013-4322, & CVE-2014-0033 DESCRIPTION: FlashSystem 840 uses Apache Tomcat. FlashSystem 840 runs an Apache Tomcat web server which enables the systems’ browser-based...
Security Bulletin: The IBM V840 product model number AE1 node is affected by vulnerabilities in Apache Tomcat
Summary Security vulnerabilities have been discovered in Apache Tomcat Vulnerability Details CVE-ID: CVE-2013-4286, CVE-2013-4322, & CVE-2014-0033 DESCRIPTION: FlashSystem V840-AE1 uses Apache Tomcat. FlashSystem V840-AE1 runs an Apache Tomcat web server which enables the systems’ browser-based...
Security Bulletin: Apache Tomcat security vulnerability issues on IBM Storwize V7000 Unified system (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)
Summary IBM Storwize V7000 Unified system is shipped with Apache Tomcat, for which fixes are available for four security vulnerabilities. Vulnerability Details CVEID: CVE-2013-4286 CVE-2014-0033 CVE-2013-4322 CVE-2013-4590 DESCRIPTION: Apache Tomcat is used in IBM Storwize V7000 Unified system fo...
Security Bulletin: Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4(CVE-2013-4286,CVE-2012-3544,CVE-2013-4322,CVE-2013-4590,CVE-2014-0033)
Summary Security vulnerabilities exist in Apache Tomcat which is shipped with IBM WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4. Vulnerability Details CVE ID: CVE-2013-4286 DESCRIPTION: Apache Tomcat before 6.0.39, and 7.x before 7.0.47, when an HTTP connector or AJP connecto...
Debian DSA-3530-1 : tomcat6 - security update
Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
DLA-91-2 tomcat6 - regression update
Bulletin has no description...
Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_apache_tomcat4)
The remote Solaris system is missing necessary patches to address security updates : - Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data...
[SECURITY] [DLA 91-1] tomcat6 security update
Package : tomcat6 Version : 6.0.41-2+squeeze5 CVE ID : CVE-2012-3439 CVE-2013-1571 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 Debian Bugs : 299635 608286 654136 659748 664072 665393 666256 668761 671373 677912 682955 687818 692440 695250 713796 717279 This is an upgrade from tomcat...
RHEL 5 / 6 : Red Hat JBoss Web Server 2.0.1 tomcat6 (RHSA-2014:0525)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0525 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update
Updated tomcat6 packages that fix multiple security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update
An update for the Apache Tomcat 6 component for Red Hat JBoss Web Server 2.0.1 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CV...
Ubuntu Update for tomcat7 USN-2130-1
Check for the Version of tomcat7 OpenVAS Vulnerability Test $Id: gbubuntuUSN21301.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for tomcat7 USN-2130-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
CVE-2014-0033
CVE-2014-0033 affects Apache Tomcat 6.0.33–6.0.37, where the disableURLRewriting setting is not honored when a session ID is in a URL. This could allow remote attackers to hijack a valid user’s session via a crafted link. The vulnerability is documented in IBM advisories and the GHSA entry, which...