Download
| Alert*
|
oval:org.secpod.oval:def:301162
Multiple vulnerabilities has been found and corrected in tomcat5: Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle double quote characters or \%5C sequences in a cookie value, which might cause sensitive information such as session IDs t ... oval:org.secpod.oval:def:202046 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... oval:org.secpod.oval:def:202025 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... oval:org.secpod.oval:def:500622 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... oval:org.secpod.oval:def:300879 Apache Tomcat does not properly handle certain characters in a cookie value, which could possibly lead to the leak of sensitive information such as session IDs . The updated packages have been patched to prevent this issue. |
