[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2725-1 tomcat6 -- several

ID: oval:org.secpod.oval:def:601073Date: (C)2013-09-25   (M)2023-12-07
Class: PATCHFamily: unix




Two security issues have been found in the Tomcat servlet and JSP engine: CVE-2012-3544 The input filter for chunked transfer encodings could trigger high resource consumption through malformed CRLF sequences, resulting in denial of service. CVE-2013-2067 The FormAuthenticator module was vulnerable to session fixation.

Platform:
Debian 7.0
Debian 6.0
Product:
tomcat6
Reference:
DSA-2725-1
CVE-2012-3544
CVE-2013-2067
CVE-2012-2733
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CVE-2012-5885
CVE-2012-5886
CVE-2012-5887
CVE    9
CVE-2013-2067
CVE-2012-3544
CVE-2012-3546
CVE-2012-2733
...
CPE    114
cpe:/a:apache:tomcat:6.0.6:alpha
cpe:/a:apache:tomcat:6.0
cpe:/a:apache:tomcat:6.0.0:alpha
cpe:/a:apache:tomcat:6.0.9:beta
...

© SecPod Technologies