Download
| Alert*
oval:org.secpod.oval:def:20831
The host is installed with Apache Tomcat 5.5.0 through 5.5.29 or 6.0.0 through 6.0.26 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails handle a directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. Successful e ... oval:org.secpod.oval:def:600224 Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal oval:org.secpod.oval:def:3124 The host is installed with Apache Tomcat in Apple Mac OS X 10.6.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a request for a resource that requires (1) BASIC or (2) DIGEST authentication. Successful exploitation could allow at ... oval:org.secpod.oval:def:301133 Multiple vulnerabilities has been found and corrected in tomcat5: Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. in an entry in a WAR file, as demonstrated by a ../../bin/catali ... oval:org.secpod.oval:def:301162 Multiple vulnerabilities has been found and corrected in tomcat5: Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle double quote characters or \%5C sequences in a cookie value, which might cause sensitive information such as session IDs t ... |