English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 74154 CVE descriptions
and 39337 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-1947
Description:Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
Test IDs: 1.3.6.1.4.1.25623.1.0.61110   1.3.6.1.4.1.25623.1.0.61637   1.3.6.1.4.1.25623.1.0.61638   1.3.6.1.4.1.25623.1.0.61580  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-1947
Bugtraq: 20080602 [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/492958/100/0/threaded
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
http://marc.info/?l=tomcat-user&m=121244319501278&w=2
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Debian Security Information: DSA-1593 (Google Search)
http://www.debian.org/security/2008/dsa-1593
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
HPdes Security Advisory: HPSBUX02401
http://marc.info/?l=bugtraq&m=123376588623823&w=2
HPdes Security Advisory: SSRT090005
http://marc.info/?l=bugtraq&m=123376588623823&w=2
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
RedHat Security Advisories: RHSA-2008:0648
http://www.redhat.com/support/errata/RHSA-2008-0648.html
RedHat Security Advisories: RHSA-2008:0862
http://www.redhat.com/support/errata/RHSA-2008-0862.html
RedHat Security Advisories: RHSA-2008:0864
http://www.redhat.com/support/errata/RHSA-2008-0864.html
SuSE Security Announcement: SUSE-SR:2008:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
BugTraq ID: 29502
http://www.securityfocus.com/bid/29502
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6009
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11534
http://secunia.com/advisories/33999
http://secunia.com/advisories/34013
http://secunia.com/advisories/37460
http://secunia.com/advisories/57126
http://www.vupen.com/english/advisories/2008/1725
http://www.vupen.com/english/advisories/2008/2823
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2009/0320
http://www.securitytracker.com/id?1020624
http://secunia.com/advisories/30500
http://secunia.com/advisories/30592
http://secunia.com/advisories/30967
http://secunia.com/advisories/31639
http://secunia.com/advisories/31891
http://secunia.com/advisories/31865
http://secunia.com/advisories/32222
http://secunia.com/advisories/33797
http://secunia.com/advisories/32120
http://secunia.com/advisories/32266
http://www.vupen.com/english/advisories/2009/0503
http://www.vupen.com/english/advisories/2009/3316
XForce ISS Database: apache-tomcat-hostmanager-xss(42816)
http://xforce.iss.net/xforce/xfdb/42816

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.