[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:8234
The host is installed with Apache Tomcat 6.x before 6.0.36 or 7.x before 7.0.28 and is prone to denial of service vulnerability. A flaw is present in the application, which is caused when the NIO connector is used in conjunction with sendfile and HTTPS. Successful exploitation allows remote attacker ...

oval:org.secpod.oval:def:701135
tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat.

oval:org.secpod.oval:def:202639
Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal before the call to FormAuthenticator#authenticate , it was possible to bypass the security constraint checks in the FORM authenticato ...

oval:org.secpod.oval:def:601073
Two security issues have been found in the Tomcat servlet and JSP engine: CVE-2012-3544 The input filter for chunked transfer encodings could trigger high resource consumption through malformed CRLF sequences, resulting in denial of service. CVE-2013-2067 The FormAuthenticator module was vulnerable ...

oval:org.secpod.oval:def:104396
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ...

oval:org.secpod.oval:def:501021
Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal before the call to FormAuthenticator#authenticate , it was possible to bypass the security constraint checks in the FORM authenticato ...

oval:org.secpod.oval:def:1500116
Updated tomcat6 packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, are available ...

CPE    70
cpe:/a:apache:tomcat:6.0.6:alpha
cpe:/a:apache:tomcat:6.0
cpe:/a:apache:tomcat:6.0.18
cpe:/a:apache:tomcat:7.0.0:beta
...
CWE    1
CWE-399
*CVE
CVE-2012-4534

© SecPod Technologies