Download
| Alert*
|
oval:org.secpod.oval:def:102261
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:102212 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:700303 Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. Yoshihito Fukuyama discovered that Tomcat did not properly handle errors when the Java ... oval:org.secpod.oval:def:301232 Multiple security vulnerabilities has been identified and fixed in tomcat5: Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which al ... oval:org.secpod.oval:def:600224 Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal oval:org.secpod.oval:def:3856 The host is installed with Apple Mac OS X Server before 10.6.3 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle the time parameter. Successful exploitation could allow remote attackers to inject arbitrary web script. oval:org.secpod.oval:def:20826 The host is installed with Apache Tomcat 5.5.0 through 5.5.27 or 6.0.0 through 6.0.18 and is prone to security bypass vulnerability. A flaw is present in the application, which fails handle a the time parameter. Successful exploitation allows remote attackers to inject arbitrary web script or HTML v ... oval:org.secpod.oval:def:101947 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:201701 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated repl ... oval:org.secpod.oval:def:201953 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated repl ... oval:org.secpod.oval:def:500429 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated repl ... oval:org.secpod.oval:def:202046 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... oval:org.secpod.oval:def:202025 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... oval:org.secpod.oval:def:300556 Multiple security vulnerabilities has been identified and fixed in tomcat5: Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which al ... oval:org.secpod.oval:def:500622 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacke ... |
