10 matches found
[SECURITY] [DSA 5198-1] jetty9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5198-1 [email protected] https://www.debian.org/security/ Markus Koschany August 02, 2022 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4949-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4357-1 : libapache-mod-jk - security update
Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in modjk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading modjk to the new upstream version 1.2.46, which includes additional changes. -...
Debian DSA-4278-1 : jetty9 - security update
Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in HTTP request smuggling. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4278. The text itself is...
Debian: Security Advisory (DLA-1021-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1021-1 : jetty8 security update
It was discovered that Jetty8, a Java servlet engine and webserver, was vulnerable to a timing attack which might reveal cryptographic credentials such as passwords to a local user. For Debian 7 'Wheezy', these problems have been fixed in version 8.1.3-4+deb7u1. We recommend that you upgrade your...
tomcat: Infinite loop in the processing of https requests
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop...
USN-1429-1: Jetty vulnerability
It was discovered that Jetty computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters...
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running...
CVE-2000-1025
CVE-2000-1025 affects eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier. A remote attacker can cause a denial of service by requesting a URL containing the '/servlet/' path, which invokes the ServletExec servlet and triggers an exception if it is already running. Impact: partia...