Download
| Alert*
oval:org.secpod.oval:def:701594
tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:602436 Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. oval:org.secpod.oval:def:20838 The host is installed with Apache Tomcat 6.0.33 before 6.0.38 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation allows remote attackers to conduct session fixation attacks. |