Download
| Alert*
oval:org.secpod.oval:def:1000800
The remote host is missing a patch 152511-07 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000704 The remote host is missing a patch 152510-07 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2101475 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted r ... oval:org.secpod.oval:def:89044662 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017 ... oval:org.secpod.oval:def:204699 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ... oval:org.secpod.oval:def:89044186 This update for tomcat6 fixes the following issues: - CVE-2021-25329: Fixed completely CVE-2020-9484 . - CVE-2021-24122: Fixed an information disclosure . - CVE-2017-12617: Fixed a file inclusion vulnerability through a crafted request . oval:org.secpod.oval:def:113407 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:113408 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:502190 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ... oval:org.secpod.oval:def:113662 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:502188 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ... oval:org.secpod.oval:def:1502052 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502051 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204700 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ... oval:org.secpod.oval:def:1900224 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22,8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by th ... oval:org.secpod.oval:def:1600797 A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution oval:org.secpod.oval:def:46881 The host is installed with Apache Tomcat 7.x before 7.0.82, 8.0.x before 8.0.47, 8.5.x before 8.5.23 or 9.0.0.M1 before 9.0.1 and is prone to an information disclosure vulnerability. A flaw is present in the readonly initialization parameter of the default servlet, when running with HTTP PUTs enable ... oval:org.secpod.oval:def:70429 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:704098 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:51047 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. |