Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

BUGTRAQSECURITYVULNS:VULN:8036

HistoryAug 14, 2007 - 12:00 a.m.

Apache Tomcat multiple security vulnerabilities

2007-08-1400:00:00

BUGTRAQ

vulners.com

JSON

Information leak on session cookies with ' or ". Crossite scripting in Host Manager servlet.

CPENameOperatorVersion
tomcateq5.5
tomcateq3.3
tomcateq4.1
tomcateq6.0
tomcateq5.0

Name	Operator	Version
tomcat	eq	5.5
tomcat	eq	3.3
tomcat	eq	4.1
tomcat	eq	6.0
tomcat	eq	5.0

References

vulners.com/securityvulns/securityvulns:doc:17779

vulners.com/securityvulns/securityvulns:doc:17780

vulners.com/securityvulns/securityvulns:doc:17781

nessus 28

redhat 7

centos 1

oraclelinux 1

openvas 25

exploitpack 1

prion 3

cve 3

packetstorm 1

tomcat 5

seebug 3

jvn 2

ubuntucve 3

github 2

debian 2

veracode 4

securityvulns 3

osv 4

exploitdb 1

altlinux 1

fedora 5

atlassian 2

nessus

RHEL 5 : tomcat (RHSA-2007:0871)

2007-09-26 00:00:00

Oracle Linux 5 : tomcat (ELSA-2007-0871)

2013-07-12 00:00:00

CentOS 5 : tomcat (CESA-2007:0871)

2010-01-06 00:00:00

redhat

(RHSA-2007:0871) Moderate: tomcat security update

2007-09-26 00:00:00

(RHSA-2007:0876) Moderate: tomcat security update

2007-10-11 00:00:00

(RHSA-2007:0950) Moderate: JBoss Enterprise Application Platform security update

2007-11-05 00:00:00

centos

tomcat5 security update

2007-09-28 08:11:50

oraclelinux

Moderate: tomcat security update

2007-09-26 00:00:00

openvas

Oracle Linux Local Check: ELSA-2007-0871

2015-10-08 00:00:00

Debian Security Advisory DSA 1447-1 (tomcat5.5)

2008-01-17 00:00:00

Mandriva Update for tomcat5 MDKSA-2007:241 (tomcat5)

2009-04-09 00:00:00

exploitpack

Apache Tomcat 6.0.15 - Cookie Quote Handling Remote Information Disclosure

2008-02-09 00:00:00

prion

Cross site scripting

2007-08-14 22:17:00

Design/Logic Flaw

2007-08-14 22:17:00

Code injection

2008-02-12 01:00:00

cve

CVE-2007-3386

2007-08-14 22:17:00

CVE-2007-3385

2007-08-14 22:17:00

CVE-2007-5333

2008-02-12 01:00:00

packetstorm

CVE-2007-3386.txt

2007-08-14 00:00:00

tomcat

Fixed in Apache Tomcat 5.5.25, 5.0.SVN

2007-09-08 00:00:00

Fixed in Apache Tomcat 6.0.14

2007-08-13 00:00:00

Fixed in Apache Tomcat 5.5.26

2008-02-05 00:00:00

seebug

Apache Tomcat Host Manager Servlet跨站脚本执行漏洞

2007-08-23 00:00:00

Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability

2014-07-01 00:00:00

Apache Tomcat多个远程信息泄露漏洞

2007-08-23 00:00:00

jvn

JVN#59851336 Apache Tomcat Host Manager cross-site scripting vulnerability

2007-08-15 00:00:00

JVN#09470767 Apache Tomcat fails to properly handle cookie value

2008-02-12 00:00:00

ubuntucve

CVE-2007-3386

2007-08-14 00:00:00

CVE-2007-3385

2007-08-14 00:00:00

CVE-2007-5333

2008-02-12 00:00:00

github

Apache Tomcat Mishandles Character Sequence in Cookies

2022-05-01 18:13:14

Exposure of Sensitive Information in Apache Tomcat

2022-05-01 18:32:19

debian

[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

2008-01-03 21:54:49

[SECURITY] [DSA 1453-1] New tomcat5 packages fix several vulnerabilities

2008-01-07 18:41:20

veracode

Information Disclosure

2019-03-25 08:40:44

Cross-Site Scripting (XSS)

2018-11-12 09:08:34

Session Hijacking

2018-11-12 08:37:47

securityvulns

CVE-2007-3386: XSS in Host Manager

2007-08-14 00:00:00

CVE-2007-3385: Handling of \" in cookies

2007-08-14 00:00:00

CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

2009-01-28 00:00:00

osv

tomcat5.5 several vulnerabilities

2008-01-03 00:00:00

Apache Tomcat Mishandles Character Sequence in Cookies

2022-05-01 18:13:14

Exposure of Sensitive Information in Apache Tomcat

2022-05-01 18:32:19

exploitdb

Apache Tomcat 6.0.15 - Cookie Quote Handling Remote Information Disclosure

2008-02-09 00:00:00

altlinux

Security fix for the ALT Linux 5 package tomcat5 version 0:5.5.25-alt1_1.1jpp5.0

2007-11-30 00:00:00

fedora

[SECURITY] Fedora 8 Update: tomcat5-5.5.25-1jpp.1.fc8

2007-11-17 05:37:36

[SECURITY] Fedora 7 Update: tomcat5-5.5.25-1jpp.1.fc7

2007-11-17 05:34:43

[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7

2008-02-13 04:55:03

atlassian

Upgrade standalone Tomcat to 5.5.25

2008-01-15 04:23:59

Upgrade standalone Tomcat to 5.5.25

2008-01-15 04:23:59

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for SECURITYVULNS:VULN:8036