Test ID:	1.3.6.1.4.1.25623.1.0.103242
Category:	Web Servers
Title:	Apache Tomcat AJP Protocol Security Bypass Vulnerability
Summary:	Apache Tomcat is prone to a security bypass vulnerability.
Description:	Summary: Apache Tomcat is prone to a security bypass vulnerability. Vulnerability Impact: Successful exploits will allow attackers to bypass certain security restrictions. Affected Software/OS: Tomcat 5.5.0 through 5.5.33, Tomcat 6.0.0 through 6.0.33, Tomcat 7.0.0 through 7.0.20 Solution: Updates are available. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3190 BugTraq ID: 49353 http://www.securityfocus.com/bid/49353 Bugtraq: 20110829 [SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure (Google Search) http://www.securityfocus.com/archive/1/519466/100/0/threaded Debian Security Information: DSA-2401 (Google Search) http://www.debian.org/security/2012/dsa-2401 HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPdes Security Advisory: HPSBUX02725 http://marc.info/?l=bugtraq&m=132215163318824&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100627 HPdes Security Advisory: SSRT100825 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:156 https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465 http://www.securitytracker.com/id?1025993 http://secunia.com/advisories/45748 http://secunia.com/advisories/48308 http://secunia.com/advisories/49094 http://secunia.com/advisories/57126 http://securityreason.com/securityalert/8362 XForce ISS Database: tomcat-ajp-security-bypass(69472) https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.