Moderate: Red Hat Security Advisory: tomcat6 security update
An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Debian Security Advisory DSA 3755-1 (tomcat8 - security update)
It was discovered that incorrect error handling in the NIO HTTP connector of the Tomcat servlet and JSP engine could result in information disclosure. OpenVAS Vulnerability Test $Id: deb3755.nasl 7026 2017-08-31 06:13:04Z asteins $ Auto-generated from advisory DSA 3755-1 using nvtgen 1.0 Script...
[SECURITY] Fedora 25 Update: tomcat-8.0.39-1.fc25
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
[SECURITY] Fedora 24 Update: tomcat-8.0.38-1.fc24
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
Moderate: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Apache Tomcat on Debian-Based Distros - Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits. Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-1240 - Release date: 30.09.2016 - Revision: 1 - Severity: High...
Debian Security Advisory DSA 3670-1 (tomcat8 - security update)
Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation. OpenVAS Vulnerability Test $Id: deb3670.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3670-1 using nvtgen 1.0 Script...
[SECURITY] Fedora 25 Update: tomcat-8.0.36-2.fc25
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
[SECURITY] Fedora 24 Update: struts-1.3.10-18.fc24
Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...
[SECURITY] Fedora 23 Update: struts-1.3.10-18.fc23
Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...
VulnCheck KEV: CVE-2010-5326
SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via an HTTP or HTTPS request...
[SECURITY] Fedora 22 Update: tomcat-7.0.68-3.fc22
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
CentOS Update for tomcat6 CESA-2016:0492 centos6
Check the version of tomcat6. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882434");...
RHEL 6 : tomcat6 (RHSA-2016:0492)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0492 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that the expression language resolver...
RedHat Update for tomcat6 RHSA-2016:0492-01
The remote host is missing an update for the Copyright (C) 2016 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
DLA-435-1 tomcat6 - security update
Bulletin has no description...
Debian Security Advisory DSA 3447-1 (tomcat7 - security update)
It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section. OpenVAS Vulnerability Test $Id: deb3447.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from...
[SECURITY] Fedora 22 Update: struts-1.3.10-14.fc22
Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...
大汉网络 (Hanweb) opr_licenceinfo.jsp Admin Backend Login Authentication Bypass
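// In the file /jcms/setup/oprlicenceinfo.jsp
// Read the value of cookieusername from the session and assign it to strUser
String strUser = (String) sessions.getAttribute("cookieusername");
// Check whether strUser is empty
if (strUser == null || strUser.trim().length() == 0) {
    out.println("请先登录!"); // message text: "Please log in first!"
    return; // If it is empty, the user is not logged in, so return immediately
}
// If it is not empty, the user is treated as already logged in...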