Lucene search
Ubuntu.comUB:CVE-2010-1157HistoryApr 23, 2010 - 12:00 a.m.
CVE-2010-1157
2010-04-2300:00:00
ubuntu.com
ubuntu.com
12
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.154 Low
EPSS
Percentile
95.8%
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow
remote attackers to discover the serverโs hostname or IP address by sending
a request for a resource that requires (1) BASIC or (2) DIGEST
authentication, and then reading the realm field in the WWW-Authenticate
header in the reply.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1157>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587447>
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream patch changes the default realm name. This may have too great an impact of existing installations to be worthwhile backporting. Ignoring. |
Related
prion
prion
Authentication flaw
2010-04-23 14:30:00
seebug
seebug
Apache Tomcat v. 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 information disclosure vulnerability
2010-04-23 00:00:00
Apache Tomcat่ฎค่ฏๅคดไฟกๆฏๆณ้ฒๆผๆด
2010-04-26 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
2010-04-23 00:00:00
Apache Tomcat information leak
2010-04-23 00:00:00
Apple OS X multiple security vulnerabilities
2011-10-24 00:00:00
openvas
openvas
FreeBSD Ports: tomcat
2010-05-04 00:00:00
FreeBSD Ports: tomcat
2010-05-04 00:00:00
Apache Tomcat Security bypass vulnerability
2010-04-29 00:00:00
nessus
nessus
FreeBSD : tomcat -- information disclosure vulnerability (3383e706-4fc3-11df-83fb-0015587e2cc1)
2010-04-26 00:00:00
openSUSE Security Update : tomcat6 (openSUSE-SU-2010:0616-1)
2010-09-16 00:00:00
Apache Tomcat 6.0.x < 6.0.28 Multiple Vulnerabilities
2011-02-11 00:00:00
exploitpack
exploitpack
Apache Tomcat 5.5.0 5.5.29 6.0.0 6.0.26 - Information Disclosure
2010-04-22 00:00:00
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-02 06:19:37
cve
cve
CVE-2010-1157
2010-04-23 14:30:00
freebsd
freebsd
tomcat -- information disclosure vulnerability
2010-04-22 00:00:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-02 06:19:37
exploitdb
exploitdb
Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure
2010-04-22 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 6.0.28
2010-07-09 00:00:00
Fixed in Apache Tomcat 5.5.30
2010-07-09 00:00:00
redhat
redhat
(RHSA-2010:0584) Important: jbossweb security update
2010-08-02 00:00:00
(RHSA-2011:0897) Moderate: JBoss Enterprise Web Server 1.0.2 update
2011-06-22 00:00:00
debian
debian
[SECURITY] [DSA 2207-1] tomcat5.5 security update
2011-03-29 22:35:34
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2012-06-24 00:00:00
ibm
ibm
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.154 Low
EPSS
Percentile
95.8%
Related for UB:CVE-2010-1157