27 matches found
Mageia: Security Advisory (MGASA-2018-0149)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3388-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0817-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: A Security vulnerability in Apache Tomcat used by Rational Build Forge (CVE-2017-15706)
Summary There is a potential security vulnerability in the Apache Tomcat used by Rational Build Forge. Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the...
CVE-2017-15706
As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...
SUSE-SU-2018:3261-1 Security update for tomcat
This update for tomcat fixes the following issues: Version update to 7.0.90: - Another bugfix release, for full details see: https://tomcat.apache.org/tomcat-7.0-doc/changelog.html Security issues fixed: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a director...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony, IBM Spectrum Symphony (CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304)
Summary This interim fix provides instructions on upgrading Apache Tomcat from v5.5.36 to v7.0.88 in IBM Platform Symphony 6.1.1 and from v6.0.43 to v8.5.31 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address a security vulnerability in Tomcat CVE-2017-15698, CVE-2017-15706, CVE-2018-1323...
Security Bulletin: Apache Tomcat vulnerability affects IBM Storwize V7000 Unified (CVE-2017-15706)
Summary Apache Tomcat CGI Servlet vulnerability Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the CGI Servlet to identify which script to execute. The...
Ubuntu: Security Advisory (USN-3665-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3665-1: Tomcat vulnerabilities
It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...
SUSE-SU-2018:0817-1 Security update for tomcat
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2018-1305: Fixed late application of security constraints that can lead to resource exposure for unauthorised users bsc1082481. - CVE-2018-1304: Fixed incorrect handling of empty string URL in security constraints tha...
Medium: tomcat80
Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The upda...
Amazon Linux AMI : tomcat8 (ALAS-2018-959)
Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correc...
Fedora 26 : 1:tomcat (2018-ac2e276c76)
This update includes a rebase from 8.0.47 to 8.0.49. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...
Low: tomcat8
Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The updat...
Amazon Linux AMI : tomcat7 (ALAS-2018-947)
Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration : As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not...
Apache Tomcat 8.5.16 < 8.5.24
The version of Tomcat installed on the remote host is prior to 8.5.24. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.24security-8 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23,...
Apache Tomcat 9.0.0.M22 < 9.0.2
The version of Tomcat installed on the remote host is prior to 9.0.2. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.2security-9 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.4...
Low: tomcat7
Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The upda...
Fedora 27 : 1:tomcat (2018-0b48740047)
This update includes a rebase from 8.0.47 to 8.0.49. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...