Download
| Alert*
|
oval:org.secpod.oval:def:1556
The host is installed with Apache Tomcat version 7.0.0 through 7.0.19, 6.0.0 through 6.0.33 and 5.5.0 through 5.5.34 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle HTTP APR or HTTP NIO connector when sendfile is enabled. Successful e ... oval:org.secpod.oval:def:700683 tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:301131 Multiple vulnerabilities has been discovered and corrected in tomcat 5.5.x: The implementation of HTTP DIGEST authentication in tomcat was discovered to have several weaknesses . Apache Tomcat, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in ... oval:org.secpod.oval:def:600727 Several vulnerabilities have been found in Tomcat, a servlet and JSP engine: CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks. CVE-2011-2204 In rare setups passwords were written ... oval:org.secpod.oval:def:500262 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. APR as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which ... oval:org.secpod.oval:def:102958 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:1503298 Updated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ... oval:org.secpod.oval:def:103005 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:1000117 The host is missing a patch 122911-28 containing security fixes. oval:org.secpod.oval:def:202865 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. APR as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which ... oval:org.secpod.oval:def:1000019 The host is missing a patch 122912-28 containing security fixes. |
