Tomcat: Multiple vulnerabilities

Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description The following vulnerabilities were reported: Delian Krustev discovered that the JULI logging component does not properly enforce access restrictions, allowing web...

Apache Tomcat处理包含MS-DOS设备名请求信息泄漏漏洞

BUGTRAQ ID: 28484 CVE ID: CVE-2005-4703 CNCVE ID:CNCVE-20054703 Tomcat是一款由Apache软件基金会下属的Jakarta项目开发的一个Servlet容器。 Apache Tomcat 4.0.3不正确处理包含MS-DOS设备名的请求，远程攻击者可以利用漏洞获得敏感信息。 当请求的文件匹配MS-DOS文件名时，就会出现错误。服务器会返回包含安装路径等敏感信息。 Apache Software Foundation Tomcat 4.0.3 Apache Software Foundation Tomcat 4.0.3...