English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.103202
Kategorie:Web Servers
Titel:Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
Zusammenfassung:Apache Commons Daemon is prone to a remote information-disclosure; vulnerability that affects the 'jsvc' library.
Beschreibung:Summary:
Apache Commons Daemon is prone to a remote information-disclosure
vulnerability that affects the 'jsvc' library.

Vulnerability Impact:
Remote attackers can exploit this issue to gain access to files and
directories owned by the superuser, through applications using the
affected library. This allows attackers to obtain sensitive
information that may aid in further attacks.

Affected Software/OS:
Versions prior to Commons Daemon 1.0.7 are vulnerable.

The following Apache Tomcat versions which use the affected library
are vulnerable:

Tomcat 7.0.0 through 7.0.19, Tomcat 6.0.30 through 6.0.32, Tomcat 5.5.32
through 5.5.33

Note: This issue affects applications running on Linux operating systems only.

Solution:
Updates are available. Please see the references for more information.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-2729
1025925
http://securitytracker.com/id?1025925
20110812 [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)
http://www.securityfocus.com/archive/1/519263/100/0/threaded
46030
http://secunia.com/advisories/46030
49143
http://www.securityfocus.com/bid/49143
57126
http://secunia.com/advisories/57126
HPSBOV02762
http://marc.info/?l=bugtraq&m=133469267822771&w=2
HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
HPSBUX02725
http://marc.info/?l=bugtraq&m=132215163318824&w=2
HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
RHSA-2011:1291
http://www.redhat.com/support/errata/RHSA-2011-1291.html
RHSA-2011:1292
http://www.redhat.com/support/errata/RHSA-2011-1292.html
SSRT100627
SSRT100825
SSRT101146
[commons-dev] 20110812 [AANNOUNCE] Apache Commons Daemon 1.0.7 released
http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E
[tomcat-announce] 20110812 [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
http://svn.apache.org/viewvc?view=revision&revision=1152701
http://svn.apache.org/viewvc?view=revision&revision=1153379
http://svn.apache.org/viewvc?view=revision&revision=1153824
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
https://bugzilla.redhat.com/show_bug.cgi?id=730400
https://issues.apache.org/jira/browse/DAEMON-214
openSUSE-SU-2011:1062
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
oval:org.mitre.oval:def:14743
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14743
oval:org.mitre.oval:def:19450
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19450
tomcat-jsvc-info-disclosure(69161)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69161
CopyrightCopyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.