MiracleLinux 3 : tomcat5-5.5.23-0jpp.40.0.1.AXS3 (AXSA:2013-538:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-538:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet...

MiracleLinux 3 : tomcat5-5.5.23-0jpp.38.0.1.AXS3 (AXSA:2013-370:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-370:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

MiracleLinux 3 : tomcat5-5.5.23-0jpp.22.0.1.AXS3 (AXSA:2012-53:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-53:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java...

com.butor:butor-sso (=0.9.0), org.apache.geronimo.assemblies:geronimo-jetty7-javaee5 (>=2.2 <=2.2.1) +31 more potentially affected by CVE-2014-5326 via org.directwebremoting:dwr (=3.0.M1)

org.directwebremoting:dwr MAVEN version =3.0.M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.directwebremoting:dwr and may be impacted: - com.butor:butor-sso =0.9.0 - org.apache.geronimo.assemblies:geronimo-jetty7-javaee5 =2.2, =2.2, =2.2, =2.2,...

tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)

The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...

tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)

The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...

mod_jk chunk too long

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajpprocesscallback in modjk, which allows remote attackers to read portions of sensitive memory...

PT-2008-3473 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.9 through 5.5.26 Apache Tomcat versions 6.0.0 through 6.0.16 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the name parameter also known as the...