English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.71550
Categoría:Gentoo Local Security Checks
Título:Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
Resumen:The remote host is missing updates announced in;advisory GLSA 201206-24.
Descripción:Summary:
The remote host is missing updates announced in
advisory GLSA 201206-24.

Vulnerability Insight:
Multiple vulnerabilities were found in Apache Tomcat, the worst of
which allowing to read, modify and overwrite arbitrary files.

Solution:
All Apache Tomcat 6.0.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.35'


All Apache Tomcat 7.0.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/tomcat-7.0.23'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5515
20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability
http://www.securityfocus.com/archive/1/504170/100/0/threaded
20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability
http://www.securityfocus.com/archive/1/504202/100/0/threaded
20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
http://www.securityfocus.com/archive/1/507985/100/0/threaded
263529
http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
35263
http://www.securityfocus.com/bid/35263
35393
http://secunia.com/advisories/35393
35685
http://secunia.com/advisories/35685
35788
http://secunia.com/advisories/35788
37460
http://secunia.com/advisories/37460
39317
http://secunia.com/advisories/39317
42368
http://secunia.com/advisories/42368
44183
http://secunia.com/advisories/44183
ADV-2009-1520
http://www.vupen.com/english/advisories/2009/1520
ADV-2009-1535
http://www.vupen.com/english/advisories/2009/1535
ADV-2009-1856
http://www.vupen.com/english/advisories/2009/1856
ADV-2009-3316
http://www.vupen.com/english/advisories/2009/3316
ADV-2010-3056
http://www.vupen.com/english/advisories/2010/3056
APPLE-SA-2010-03-29-1
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
DSA-2207
http://www.debian.org/security/2011/dsa-2207
FEDORA-2009-11352
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
FEDORA-2009-11356
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
FEDORA-2009-11374
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
HPSBMA02535
http://marc.info/?l=bugtraq&m=127420533226623&w=2
HPSBUX02579
http://marc.info/?l=bugtraq&m=129070310906557&w=2
HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
JVN#63832775
http://jvn.jp/en/jp/JVN63832775/index.html
MDVSA-2009:136
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
MDVSA-2009:138
http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
MDVSA-2010:176
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
SSRT100029
SSRT100203
SSRT101146
SUSE-SR:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
SUSE-SR:2010:008
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
http://support.apple.com/kb/HT4077
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
oval:org.mitre.oval:def:10422
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422
oval:org.mitre.oval:def:19452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452
oval:org.mitre.oval:def:6445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445
Common Vulnerability Exposure (CVE) ID: CVE-2009-0033
1022331
http://securitytracker.com/id?1022331
20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector
http://www.securityfocus.com/archive/1/504044/100/0/threaded
35193
http://www.securityfocus.com/bid/35193
35326
http://secunia.com/advisories/35326
35344
http://secunia.com/advisories/35344
ADV-2009-1496
http://www.vupen.com/english/advisories/2009/1496
HPSBOV02762
http://marc.info/?l=bugtraq&m=133469267822771&w=2
JVN#87272440
http://jvn.jp/en/jp/JVN87272440/index.html
SSRT100825
http://svn.apache.org/viewvc?rev=742915&view=rev
http://svn.apache.org/viewvc?rev=781362&view=rev
oval:org.mitre.oval:def:10231
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231
oval:org.mitre.oval:def:19110
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110
oval:org.mitre.oval:def:5739
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739
tomcat-ajp-dos(50928)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50928
Common Vulnerability Exposure (CVE) ID: CVE-2009-0580
1022332
http://securitytracker.com/id?1022332
20090603 [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication
http://www.securityfocus.com/archive/1/504045/100/0/threaded
20090604 Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication
http://www.securityfocus.com/archive/1/504108/100/0/threaded
20090605 [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication
http://www.securityfocus.com/archive/1/504125/100/0/threaded
35196
http://www.securityfocus.com/bid/35196
http://svn.apache.org/viewvc?rev=747840&view=rev
http://svn.apache.org/viewvc?rev=781379&view=rev
http://svn.apache.org/viewvc?rev=781382&view=rev
oval:org.mitre.oval:def:18915
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915
oval:org.mitre.oval:def:6628
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628
oval:org.mitre.oval:def:9101
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101
tomcat-jsecuritycheck-info-disclosure(50930)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50930
Common Vulnerability Exposure (CVE) ID: CVE-2009-0781
20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application
http://www.securityfocus.com/archive/1/501538/100/0/threaded
oval:org.mitre.oval:def:11041
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11041
oval:org.mitre.oval:def:19345
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19345
oval:org.mitre.oval:def:6564
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6564
tomcat-cal2-xss(49213)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49213
Common Vulnerability Exposure (CVE) ID: CVE-2009-0783
1022336
http://www.securitytracker.com/id?1022336
20090604 [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure
http://www.securityfocus.com/archive/1/504090/100/0/threaded
35416
http://www.securityfocus.com/bid/35416
http://svn.apache.org/viewvc?rev=652592&view=rev
http://svn.apache.org/viewvc?rev=681156&view=rev
http://svn.apache.org/viewvc?rev=739522&view=rev
http://svn.apache.org/viewvc?rev=781542&view=rev
http://svn.apache.org/viewvc?rev=781708&view=rev
https://issues.apache.org/bugzilla/show_bug.cgi?id=29936
https://issues.apache.org/bugzilla/show_bug.cgi?id=45933
oval:org.mitre.oval:def:10716
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10716
oval:org.mitre.oval:def:18913
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18913
oval:org.mitre.oval:def:6450
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6450
tomcat-xml-information-disclosure(51195)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51195
Common Vulnerability Exposure (CVE) ID: CVE-2009-2693
BugTraq ID: 37944
http://www.securityfocus.com/bid/37944
Bugtraq: 20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration (Google Search)
http://www.securityfocus.com/archive/1/509148/100/0/threaded
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Debian Security Information: DSA-2207 (Google Search)
HPdes Security Advisory: HPSBMA02535
HPdes Security Advisory: HPSBOV02762
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
HPdes Security Advisory: HPSBUX02541
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
HPdes Security Advisory: HPSBUX02860
HPdes Security Advisory: SSRT100029
HPdes Security Advisory: SSRT100145
HPdes Security Advisory: SSRT100825
HPdes Security Advisory: SSRT101146
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017
http://www.redhat.com/support/errata/RHSA-2010-0119.html
http://www.redhat.com/support/errata/RHSA-2010-0580.html
http://www.redhat.com/support/errata/RHSA-2010-0582.html
http://securitytracker.com/id?1023505
http://secunia.com/advisories/38316
http://secunia.com/advisories/38346
http://secunia.com/advisories/38541
http://secunia.com/advisories/38687
http://secunia.com/advisories/40330
http://secunia.com/advisories/40813
http://secunia.com/advisories/43310
http://secunia.com/advisories/57126
SuSE Security Announcement: SUSE-SR:2010:008 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1700 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
SuSE Security Announcement: openSUSE-SU-2012:1701 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
SuSE Security Announcement: openSUSE-SU-2013:0147 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
http://ubuntu.com/usn/usn-899-1
http://www.vupen.com/english/advisories/2010/0213
http://www.vupen.com/english/advisories/2010/1559
http://www.vupen.com/english/advisories/2010/1986
XForce ISS Database: tomcat-war-directory-traversal(55855)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55855
Common Vulnerability Exposure (CVE) ID: CVE-2009-2901
1023503
http://securitytracker.com/id?1023503
20100124 [SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy
http://www.securityfocus.com/archive/1/509151/100/0/threaded
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
37942
http://www.securityfocus.com/bid/37942
38316
38346
38541
43310
57126
ADV-2010-0213
HPSBST02955
MDVSA-2010:177
USN-899-1
http://svn.apache.org/viewvc?rev=892815&view=rev
http://svn.apache.org/viewvc?rev=902650&view=rev
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
openSUSE-SU-2012:1700
openSUSE-SU-2012:1701
openSUSE-SU-2013:0147
tomcat-autodeploy-security-bypass(55856)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55856
Common Vulnerability Exposure (CVE) ID: CVE-2009-2902
1023504
http://securitytracker.com/id?1023504
20100124 [SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory
http://www.securityfocus.com/archive/1/509150/100/0/threaded
37945
http://www.securityfocus.com/bid/37945
38687
40330
40813
ADV-2010-1559
ADV-2010-1986
HPSBUX02541
RHSA-2010:0119
RHSA-2010:0580
RHSA-2010:0582
SSRT100145
apache-tomcat-war-directory-traversal(55857)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55857
oval:org.mitre.oval:def:19431
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19431
oval:org.mitre.oval:def:7092
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7092
Common Vulnerability Exposure (CVE) ID: CVE-2010-1157
20100421 [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
http://www.securityfocus.com/archive/1/510879/100/0/threaded
39574
http://secunia.com/advisories/39574
39635
http://www.securityfocus.com/bid/39635
ADV-2010-0980
http://www.vupen.com/english/advisories/2010/0980
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
RHSA-2011:0896
http://www.redhat.com/support/errata/RHSA-2011-0896.html
RHSA-2011:0897
http://www.redhat.com/support/errata/RHSA-2011-0897.html
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://support.apple.com/kb/HT5002
http://svn.apache.org/viewvc?view=revision&revision=936540
http://svn.apache.org/viewvc?view=revision&revision=936541
oval:org.mitre.oval:def:19492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19492
Common Vulnerability Exposure (CVE) ID: CVE-2010-2227
BugTraq ID: 41544
http://www.securityfocus.com/bid/41544
Bugtraq: 20100709 [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/512272/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html
HPdes Security Advisory: HPSBUX02579
HPdes Security Advisory: SSRT100203
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18532
http://www.redhat.com/support/errata/RHSA-2010-0581.html
http://www.redhat.com/support/errata/RHSA-2010-0583.html
http://securitytracker.com/id?1024180
http://secunia.com/advisories/41025
http://secunia.com/advisories/42079
http://secunia.com/advisories/42454
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://www.vupen.com/english/advisories/2010/2868
XForce ISS Database: tomcat-transferencoding-dos(60264)
https://exchange.xforce.ibmcloud.com/vulnerabilities/60264
Common Vulnerability Exposure (CVE) ID: CVE-2010-3718
1025025
http://www.securitytracker.com/id?1025025
20110205 [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
http://www.securityfocus.com/archive/1/516211/100/0/threaded
43192
http://secunia.com/advisories/43192
45022
http://secunia.com/advisories/45022
46177
http://www.securityfocus.com/bid/46177
8072
http://securityreason.com/securityalert/8072
DSA-2160
http://www.debian.org/security/2011/dsa-2160
HPSBUX02645
http://marc.info/?l=bugtraq&m=130168502603566&w=2
HPSBUX02725
http://marc.info/?l=bugtraq&m=132215163318824&w=2
MDVSA-2011:030
http://www.mandriva.com/security/advisories?name=MDVSA-2011:030
RHSA-2011:0791
http://www.redhat.com/support/errata/RHSA-2011-0791.html
RHSA-2011:1845
http://www.redhat.com/support/errata/RHSA-2011-1845.html
SSRT100627
SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
http://tomcat.apache.org/security-7.html
oval:org.mitre.oval:def:12517
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12517
oval:org.mitre.oval:def:13969
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13969
oval:org.mitre.oval:def:19379
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19379
tomcat-servletcontect-sec-bypass(65159)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65159
Common Vulnerability Exposure (CVE) ID: CVE-2010-4172
1024764
http://securitytracker.com/id?1024764
20101122 [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html
http://www.securityfocus.com/archive/1/514866/100/0/threaded
42337
http://secunia.com/advisories/42337
43019
http://secunia.com/advisories/43019
45015
http://www.securityfocus.com/bid/45015
ADV-2010-3047
http://www.vupen.com/english/advisories/2010/3047
ADV-2011-0203
http://www.vupen.com/english/advisories/2011/0203
USN-1048-1
http://www.ubuntu.com/usn/USN-1048-1
http://svn.apache.org/viewvc?view=revision&revision=1037778
http://svn.apache.org/viewvc?view=revision&revision=1037779
https://bugzilla.redhat.com/show_bug.cgi?id=656246
tomcat-sessionlist-xss(63422)
https://exchange.xforce.ibmcloud.com/vulnerabilities/63422
Common Vulnerability Exposure (CVE) ID: CVE-2010-4312
Bugtraq: 20101122 [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-0013
1025026
http://www.securitytracker.com/id?1025026
20110205 [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability
http://www.securityfocus.com/archive/1/516209/30/90/threaded
46174
http://www.securityfocus.com/bid/46174
8093
http://securityreason.com/securityalert/8093
ADV-2011-0376
http://www.vupen.com/english/advisories/2011/0376
http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_%28released_14_Jan_2011%29
https://bugzilla.redhat.com/show_bug.cgi?id=675786
oval:org.mitre.oval:def:12878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878
oval:org.mitre.oval:def:14945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945
oval:org.mitre.oval:def:19269
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269
Common Vulnerability Exposure (CVE) ID: CVE-2011-0534
BugTraq ID: 46164
http://www.securityfocus.com/bid/46164
Bugtraq: 20110205 [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability (Google Search)
http://www.securityfocus.com/archive/1/516214/100/0/threaded
Debian Security Information: DSA-2160 (Google Search)
http://osvdb.org/70809
http://www.securitytracker.com/id?1025027
http://securityreason.com/securityalert/8074
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://www.vupen.com/english/advisories/2011/0293
XForce ISS Database: tomcat-nio-connector-dos(65162)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65162
Common Vulnerability Exposure (CVE) ID: CVE-2011-1088
1025215
http://www.securitytracker.com/id?1025215
20110315 [SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass
http://www.securityfocus.com/archive/1/517013/100/0/threaded
43684
http://secunia.com/advisories/43684
46685
http://www.securityfocus.com/bid/46685
71027
http://www.osvdb.org/71027
ADV-2011-0563
http://www.vupen.com/english/advisories/2011/0563
[announce] 20110302 [SECURITY] Tomcat 7 ignores @ServletSecurity annotations
http://mail-archives.apache.org/mod_mbox/www-announce/201103.mbox/%3C4D6E74FF.7050106%40apache.org%3E
[users] 20110302 Re: @DenyAll does nothing
http://markmail.org/message/lzx5273wsgl5pob6
http://markmail.org/message/yzmyn44f5aetmm2r
http://svn.apache.org/viewvc?view=revision&revision=1076586
http://svn.apache.org/viewvc?view=revision&revision=1076587
http://svn.apache.org/viewvc?view=revision&revision=1077995
tomcat-servletsecurity-sec-bypass(65971)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65971
Common Vulnerability Exposure (CVE) ID: CVE-2011-1183
20110406 [SECURITY] CVE-2011-1183 Apache Tomcat security constraint bypass
http://seclists.org/fulldisclosure/2011/Apr/96
http://www.securityfocus.com/archive/1/517362/100/0/threaded
47196
http://www.securityfocus.com/bid/47196
8187
http://securityreason.com/securityalert/8187
http://svn.apache.org/viewvc?view=revision&revision=1087643
oval:org.mitre.oval:def:12701
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12701
tomcat-webxml-security-bypass(66675)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66675
Common Vulnerability Exposure (CVE) ID: CVE-2011-1184
DSA-2401
http://www.debian.org/security/2012/dsa-2401
MDVSA-2011:156
http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
RHSA-2012:0074
http://rhn.redhat.com/errata/RHSA-2012-0074.html
RHSA-2012:0075
http://rhn.redhat.com/errata/RHSA-2012-0075.html
RHSA-2012:0076
http://rhn.redhat.com/errata/RHSA-2012-0076.html
RHSA-2012:0077
http://rhn.redhat.com/errata/RHSA-2012-0077.html
RHSA-2012:0078
http://rhn.redhat.com/errata/RHSA-2012-0078.html
RHSA-2012:0325
http://rhn.redhat.com/errata/RHSA-2012-0325.html
SUSE-SU-2012:0155
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html
http://svn.apache.org/viewvc?view=rev&rev=1087655
http://svn.apache.org/viewvc?view=rev&rev=1158180
http://svn.apache.org/viewvc?view=rev&rev=1159309
openSUSE-SU-2012:0208
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html
oval:org.mitre.oval:def:19169
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19169
Common Vulnerability Exposure (CVE) ID: CVE-2011-1419
BugTraq ID: 46685
http://mail-archives.apache.org/mod_mbox/www-announce/201103.mbox/%3C4D6E74FF.7050106@apache.org%3E
http://marc.info/?l=tomcat-user&m=129966773405409&w=2
http://securityreason.com/securityalert/8131
XForce ISS Database: apache-servletsecurity-sec-bypass(66154)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66154
XForce ISS Database: tomcat-servletsecurity-sec-bypass(65971)
Common Vulnerability Exposure (CVE) ID: CVE-2011-1475
1025303
http://www.securitytracker.com/id?1025303
20110406 [SECURITY] CVE-2011-1475 Apache Tomcat information disclosure
http://seclists.org/fulldisclosure/2011/Apr/97
http://www.securityfocus.com/archive/1/517363
47199
http://www.securityfocus.com/bid/47199
8188
http://securityreason.com/securityalert/8188
ADV-2011-0894
http://www.vupen.com/english/advisories/2011/0894
http://svn.apache.org/viewvc?view=revision&revision=1086349
http://svn.apache.org/viewvc?view=revision&revision=1086352
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957
oval:org.mitre.oval:def:12374
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12374
tomcat-httpbio-info-disclosure(66676)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66676
Common Vulnerability Exposure (CVE) ID: CVE-2011-1582
20110517 [SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass
http://www.securityfocus.com/archive/1/518032/100/0/threaded
47886
http://www.securityfocus.com/bid/47886
8256
http://securityreason.com/securityalert/8256
ADV-2011-1255
http://www.vupen.com/english/advisories/2011/1255
[www-announce] 20110517 [SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass
http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3C4DD26E30.2060103%40apache.org%3E
http://svn.apache.org/viewvc?view=revision&revision=1100832
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.14_%28released_12_May_2011%29
tomcat-annotations-security-bypass(67515)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67515
Common Vulnerability Exposure (CVE) ID: CVE-2011-2204
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
BugTraq ID: 48456
http://www.securityfocus.com/bid/48456
Debian Security Information: DSA-2401 (Google Search)
HPdes Security Advisory: HPSBUX02725
HPdes Security Advisory: SSRT100627
http://www.osvdb.org/73429
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14931
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19532
http://securitytracker.com/id?1025712
http://secunia.com/advisories/44981
http://secunia.com/advisories/48308
XForce ISS Database: tomcat-jmx-info-disclosure(68238)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68238
Common Vulnerability Exposure (CVE) ID: CVE-2011-2481
1025924
http://securitytracker.com/id?1025924
49147
http://www.securityfocus.com/bid/49147
http://svn.apache.org/viewvc?view=revision&revision=1137753
http://svn.apache.org/viewvc?view=revision&revision=1138788
https://issues.apache.org/bugzilla/show_bug.cgi?id=51395
Common Vulnerability Exposure (CVE) ID: CVE-2011-2526
1025788
http://www.securitytracker.com/id?1025788
20110713 [SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities
http://www.securityfocus.com/archive/1/518889/100/0/threaded
45232
http://secunia.com/advisories/45232
48308
48667
http://www.securityfocus.com/bid/48667
73797
http://osvdb.org/73797
73798
http://osvdb.org/73798
http://svn.apache.org/viewvc?view=revision&revision=1145383
http://svn.apache.org/viewvc?view=revision&revision=1145571
http://svn.apache.org/viewvc?view=revision&revision=1145694
http://svn.apache.org/viewvc?view=revision&revision=1146005
https://bugzilla.redhat.com/show_bug.cgi?id=720948
oval:org.mitre.oval:def:14573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14573
oval:org.mitre.oval:def:19514
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19514
tomcat-sendfile-info-disclosure(68541)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68541
Common Vulnerability Exposure (CVE) ID: CVE-2011-2729
1025925
http://securitytracker.com/id?1025925
20110812 [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)
http://www.securityfocus.com/archive/1/519263/100/0/threaded
46030
http://secunia.com/advisories/46030
49143
http://www.securityfocus.com/bid/49143
RHSA-2011:1291
http://www.redhat.com/support/errata/RHSA-2011-1291.html
RHSA-2011:1292
http://www.redhat.com/support/errata/RHSA-2011-1292.html
[commons-dev] 20110812 [AANNOUNCE] Apache Commons Daemon 1.0.7 released
http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E
[tomcat-announce] 20110812 [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E
http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
http://svn.apache.org/viewvc?view=revision&revision=1152701
http://svn.apache.org/viewvc?view=revision&revision=1153379
http://svn.apache.org/viewvc?view=revision&revision=1153824
https://bugzilla.redhat.com/show_bug.cgi?id=730400
https://issues.apache.org/jira/browse/DAEMON-214
openSUSE-SU-2011:1062
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
oval:org.mitre.oval:def:14743
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14743
oval:org.mitre.oval:def:19450
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19450
tomcat-jsvc-info-disclosure(69161)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69161
Common Vulnerability Exposure (CVE) ID: CVE-2011-3190
BugTraq ID: 49353
http://www.securityfocus.com/bid/49353
Bugtraq: 20110829 [SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure (Google Search)
http://www.securityfocus.com/archive/1/519466/100/0/threaded
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465
http://www.securitytracker.com/id?1025993
http://secunia.com/advisories/45748
http://secunia.com/advisories/49094
http://securityreason.com/securityalert/8362
XForce ISS Database: tomcat-ajp-security-bypass(69472)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
Common Vulnerability Exposure (CVE) ID: CVE-2011-3375
Common Vulnerability Exposure (CVE) ID: CVE-2011-4858
BugTraq ID: 51200
http://www.securityfocus.com/bid/51200
CERT/CC vulnerability note: VU#903934
http://www.kb.cert.org/vuls/id/903934
HPdes Security Advisory: HPSBMU02747
http://marc.info/?l=bugtraq&m=133294394108746&w=2
HPdes Security Advisory: HPSBUX02741
http://marc.info/?l=bugtraq&m=132871655717248&w=2
HPdes Security Advisory: SSRT100728
HPdes Security Advisory: SSRT100771
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106@apache.org%3e
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18886
RedHat Security Advisories: RHSA-2012:0074
RedHat Security Advisories: RHSA-2012:0075
RedHat Security Advisories: RHSA-2012:0076
RedHat Security Advisories: RHSA-2012:0077
RedHat Security Advisories: RHSA-2012:0078
RedHat Security Advisories: RHSA-2012:0089
http://rhn.redhat.com/errata/RHSA-2012-0089.html
RedHat Security Advisories: RHSA-2012:0325
RedHat Security Advisories: RHSA-2012:0406
http://rhn.redhat.com/errata/RHSA-2012-0406.html
http://secunia.com/advisories/48549
http://secunia.com/advisories/48790
http://secunia.com/advisories/48791
http://secunia.com/advisories/54971
http://secunia.com/advisories/55115
Common Vulnerability Exposure (CVE) ID: CVE-2011-5062
SuSE Security Announcement: SUSE-SU-2012:0155 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:0208 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-5063
Common Vulnerability Exposure (CVE) ID: CVE-2011-5064
Common Vulnerability Exposure (CVE) ID: CVE-2012-0022
BugTraq ID: 51447
http://www.securityfocus.com/bid/51447
Bugtraq: 20120117 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2012-01/0112.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:085
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934
RedHat Security Advisories: RHSA-2012:0345
http://rhn.redhat.com/errata/RHSA-2012-0345.html
RedHat Security Advisories: RHSA-2012:1331
http://rhn.redhat.com/errata/RHSA-2012-1331.html
http://secunia.com/advisories/48213
http://secunia.com/advisories/50863
XForce ISS Database: apache-tomcat-parameter-dos(72425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72425
CopyrightCopyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.