Download
| Alert*
oval:org.secpod.oval:def:601258
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login for ... oval:org.secpod.oval:def:701594 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:203313 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encodin ... oval:org.secpod.oval:def:1500647 It was found that a fix for a previous security flaw introduced a regression that could cause a denial of service in Tomcat 7. A remote attacker could use this flaw to consume an excessive amount of CPU on the Tomcat server by sending a specially crafted request to that server. It was found that whe ... oval:org.secpod.oval:def:1600155 It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw t ... oval:org.secpod.oval:def:1500571 Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ... oval:org.secpod.oval:def:501323 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that a fix for a previous security flaw introduced a regression that could cause a denial of service in Tomcat 7. A remote attacker could use this flaw to consume an excessive amount of CPU on ... oval:org.secpod.oval:def:501271 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encodin ... oval:org.secpod.oval:def:107624 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:20835 The host is installed with Apache Tomcat 6.0.x before 6.0.39, 7.x before 7.0.47 or 8.x before 8.0.0-RC3 and is prone to information disclosure vulnerability. A flaw is present in the application, which does not properly handle certain inconsistent HTTP request headers. Successful exploitation allows ... oval:org.secpod.oval:def:602436 Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. |