Lucene search
RootSSV:20861HistoryAug 17, 2011 - 12:00 a.m.
Apache Tomcat信息泄露漏洞(CVE-2011-2481)
2011-08-1700:00:00
Root
www.seebug.org
17
0.0004 Low
EPSS
Percentile
8.6%
BUGTRAQ ID: 49147
CVE ID: CVE-2011-2481
Tomcat是由Apache软件基金会下属的Jakarta项目开发的一个Servlet容器,按照Sun Microsystems提供的技术规范,实现了对Servlet和JavaServer Page(JSP)的支持,并提供了作为Web服务器的一些特有功能.
Tomcat在实现上存在本地信息泄露漏洞,本地攻击者可利用此漏洞泄露敏感信息。
此漏洞源于Jsvc库中的错误,没有解除应用程序访问超级用户拥有的文件和目录。
Apache Group Tomcat
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
openvas
openvas
Apache Tomcat Information Disclosure Vulnerability
2011-08-16 00:00:00
Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
2012-08-10 00:00:00
debiancve
debiancve
CVE-2011-2481
2011-08-15 21:55:00
osv
osv
Apache Tomcat Allows Replacing of XML Parser
2022-05-17 02:44:28
securityvulns
securityvulns
Apache Tomcat security vulnerabilities
2011-08-17 00:00:00
github
github
Apache Tomcat Allows Replacing of XML Parser
2022-05-17 02:44:28
ubuntucve
ubuntucve
CVE-2011-2481
2011-08-15 00:00:00
prion
prion
Design/Logic Flaw
2011-08-15 21:55:00
cve
cve
CVE-2011-2481
2011-08-15 21:55:00
nessus
nessus
Apache Tomcat 7.0.x < 7.0.17 Multiple Vulnerabilities
2011-08-01 00:00:00
Apache Tomcat 7.x < 7.0.17 Multiple Vulnerabilities
2011-08-03 00:00:00
GLSA-201206-24 : Apache Tomcat: Multiple vulnerabilities
2012-06-25 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.19
2011-07-19 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2012-06-24 00:00:00