12 matches found
Medium: tomcat
Issue Overview: While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent...
OESA-2021-1075 tomcat security update
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...
Caucho Technology Resin 1.2 JSP Source Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1986/info Resin is a servlet and JSP engine that supports java and javascript. ServletExec will return the source code of JSP files when an HTTP request is appended with certain characters. This vulnerability is dependent...
BEA WebLogic < 5.1 SP 11 JSP Source Disclosure
Binary data 1538.prm...
PT-2003-1602 · Sun · Sun One Application Server
Name of the Vulnerable Software and Affected Versions: Sun ONE Application Server version 7.0 Description: The issue allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension. Recommendations: For Sun ONE...
Oracle 9iAS _pages Directory Compiled JSP Source Disclosure
In a default installation of Oracle 9iAS it is possible to read the source of JSP files. When a JSP is requested it is compiled 'on the fly' and the resulting HTML page is returned to the user. Oracle 9iAS uses a folder to hold the intermediate files during compilation. These files are created in...
BEA WebLogic Hex Encoded Request JSP Source Disclosure
The version of BEA WebLogic installed on the remote host may be tricked into revealing the source code of JSP scripts by using simple URL encoding of characters in the filename extension. %NASLMINLEVEL 70300 This script was written by Gregory Duchemin See the Nessus Scripts License for details...
RESIN ServletExec JSP Source Disclosure Vulnerability(Apache 1.3.6 Win2k))
Resintm serves the fastest servlets and JSP. With Java and JavaScript support, Resin gives web applications the flexibility to choose the right language for the task. Resin's leading XSL XML stylesheet language support encourages separation of content from formatting. Resin provides a fast servle...
RESIN ServletExec JSP Source Disclosure Vulnerability(Resin Web Server)
Resintm serves the fastest servlets and JSP. With Java and JavaScript support, Resin gives web applications the flexibility to choose the right language for the task. Resin's leading XSL XML stylesheet language support encourages separation of content from formatting. Resin provides a standalone...
RESIN ServletExec JSP Source Disclosure Vulnerability(IIS 5)
Resintm serves the fastest servlets and JSP. With Java and JavaScript support, Resin gives web applications the flexibility to choose the right language for the task. Resin's leading XSL XML stylesheet language support encourages separation of content from formatting. Resin provides a fast servle...
Caucho Technology Resin 1.2 - JSP Source Disclosure
Caucho Technology Resin 1.2 - JSP Source Disclosure...
Unify eWave ServletExec 3 - .JSP Source Disclosure
Unify eWave ServletExec 3 - .JSP Source Disclosure...