MiracleLinux 3 : resin-3.1.9-1AXS3 (AXSA:2009-48:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-48:01 advisory. Resin Open Source provides JSP, Servlet, and EJB functionality under the GPL license. Fixed bugs: CVE-2008-2462 Cross-site scripting XSS vulnerability in the...

EUVD-2000-1206

Malware in sbrugna...

EUVD-2002-1969

Malware in sbrugna...

EUVD-2012-2946

Malware in sbrugna...

CVE-2002-1989

Resin 2.1.1 allows remote attackers to cause a denial of service thread and connection consumption via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp...

acegisecurity:acegi-security-resin (=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.3) +3 more potentially affected by CVE-2012-2967 via com.caucho:resin (=3.0.9)

com.caucho:resin MAVEN version =3.0.9 is affected by a known vulnerability. The following packages have a transitive dependency on com.caucho:resin and may be impacted: - acegisecurity:acegi-security-resin =0.9.0 - ch.qos.logback:logback-access =$parent.version, =2.3.0, =1.0.0, =2.0.0, =2.0.4...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the SERVER superglobal array. An attacker can overwrite entries in this array by sending crafted POST parameters. Remediation Upgrade com.caucho:resin to...

Caucho Technology Resin 1.2 JSP Source Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1986/info Resin is a servlet and JSP engine that supports java and javascript. ServletExec will return the source code of JSP files when an HTTP request is appended with certain characters. This vulnerability is dependent...

Caucho Technology Resin 2.1.12 Directory Listings Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9617/info It has been reported that Resin may be prone to an information disclosure vulnerability that may allow an attacker to disclose directory listings by passing malicious data via a URI parameter. The issue has been...

Resin < 3.0.19 Directory Traversal and Path Disclosure Vulnerabilities

Binary data 3621.prm...

CVE-2001-0828

The CVE-2001-0828 entry concerns Caucho Technology Resin (versions up to and including 1.2.3) vulnerable to cross-site scripting. According to the sources, the issue occurs when a web site embeds Javascript in a hyperlink that ends in .jsp, and the error page does not properly quote the Javascrip...

CVE-2001-0304

Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a ".." dot dot in a URL request...