60 matches found
Jakarta Tomcat 3.1 and 3.0 - Information Disclosure
Jakarta Tomcat 3.1 and 3.0 under Apache contain a vulnerability in the Snoop servlet that reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension, exploit requires remote access. id: CVE-2000-0760 info: name: Jakarta Tomcat 3.1 and 3.0 -...
EUVD-2001-0900
Malware in sbrugna...
EUVD-2003-0041
Malware in sbrugna...
EUVD-2000-0668
Malware in sbrugna...
EUVD-2022-1852
Malicious code in bioql PyPI...
K16828: Apache Tomcat vulnerability CVE-2005-2090
Security Advisory Description Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length...
Tomcat Vulnerable to Web Cache Poisoning
Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...
Jakarta Apache Tomcat Reveals Physical Paths
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path...
GHSA-QG4G-6JCQ-RW93 Jakarta Apache Tomcat Reveals Physical Paths
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path...
Jakarta Tomcat cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in the 1 examples and 2 ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...
GHSA-5HGM-QM5M-5VMW Jakarta Tomcat cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in the 1 examples and 2 ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...
Jakarta Tomcat Denial of Service vulnerability
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service thread hang and resource consumption via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...
Jakarta Tomcat Directory Listing vulnerability
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character...
GHSA-W97X-XFXF-F9XJ Jakarta Tomcat Denial of Service vulnerability
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service thread hang and resource consumption via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...
GHSA-QFW2-WVRW-MVW4 Jakarta Tomcat Directory Listing vulnerability
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character...
Information Disclosure
Jakarta Tomcat is vulnerable to information disclosure. An Error 404 generates an error message that contains the full file system page of the current context with the physical path, allowing a remote attacker to perform further attacks against the server...
Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver...
SLES9: Security update for jakarta-tomcat
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: jakarta-tomcat For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5012618 within...
SLES9: Security update for Tomcat
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache-jakarta-tomcat-connectors apache2-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please vis...
SLES9: Security update for Tomcat
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-jakarta-tomcat-connectors apache-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please vis...