MiracleLinux 4 : tomcat6-6.0.24-33.AXS4 (AXSA:2011-642:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-642:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

Improper Output Neutralization for Logs

Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs of ANSI escape sequences. When running in a console supporting ANSI escape sequences, an attacker can send specially crafted requests to manipulate the console and the clipboard, potentially...

SUSE CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...

tomcat6 security and bug fix update

0:6.0.24-24 - Resolves: rhbz674601 - Removed wildcard in main %files that caused duplicate ownership - of log4j.properties 0:6.0.24-23 - Resolves: rhbz674601 - Reverse - tomcat user requires login shell - Reverse - rhbz 611244 tomcat-juli missing symlink - PM/QE decision to include only the...