Lucene search
RootSSV:60407HistorySep 27, 2012 - 12:00 a.m.
Apache Tomcat重复请求处理安全漏洞(CVE-2007-6286)
2012-09-2700:00:00
Root
www.seebug.org
21
0.025 Low
EPSS
Percentile
88.9%
BUGTRAQ ID: 49470
CVE ID: CVE-2007-6286
Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
Apache Tomcat 5.5.11-5.5.25、6.0.0-6.0.15在使用了本地APR连接器后,没有正确处理到SSL端口的空请求,可允许远程攻击者触发处理最近一个服务器请求副本。
0
Apache Group Tomcat 6.x
Apache Group Tomcat 5.x
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
prion
prion
Server side request forgery (ssrf)
2008-02-12 01:00:00
ubuntucve
ubuntucve
CVE-2007-6286
2008-02-12 00:00:00
osv
osv
Apache Tomcat Does Not Properly Handle Empty Requests
2022-05-01 18:41:17
veracode
veracode
Replay Attack
2018-11-09 05:47:09
cve
cve
CVE-2007-6286
2008-02-12 01:00:00
github
github
Apache Tomcat Does Not Properly Handle Empty Requests
2022-05-01 18:41:17
openvas
openvas
Gentoo Security Advisory GLSA 200804-10 (tomcat)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200804-10 (tomcat)
2008-09-24 00:00:00
Fedora Update for tomcat5 FEDORA-2008-1603
2009-02-16 00:00:00
gentoo
gentoo
Tomcat: Multiple vulnerabilities
2008-04-10 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.26
2008-02-05 00:00:00
Fixed in Apache Tomcat 6.0.16
2008-02-08 00:00:00
nessus
nessus
Apache Tomcat < 5.5.26 Multiple Vulnerabilities
2010-07-01 00:00:00
GLSA-200804-10 : Tomcat: Multiple vulnerabilities
2008-04-17 00:00:00
Apache Tomcat < 6.0.16 Multiple Vulnerabilities
2010-07-01 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
[SECURITY] Fedora 8 Update: tomcat5-5.5.26-1jpp.2.fc8
2008-02-13 05:14:35
[SECURITY] Fedora 8 Update: tomcat5-5.5.27-0jpp.2.fc8
2008-09-16 23:28:35
vmware
vmware
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00