Download
| Alert*
oval:org.secpod.oval:def:20817
The host is installed with Apache Tomcat 5.5.0 through 5.5.20 or 6.0.0 through 6.0.8 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails handle the cookie in an https session. Successful exploitation allows remote attackers to obtain sensitive info ... oval:org.mitre.oval:def:7601 Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems: Olaf Kock discovered that HTTPS encryption was insufficiently enforced for single-sign-on cookies, which could result in infor ... |