CVSS: 6.4EPSS: 0%CPEs: 27EXPL: 0CVE-2010-4312
https://notcve.org/view.php?id=CVE-2010-4312
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie. La configuración por defecto de Apache Tomcat v6.x no incluye la bandera HTTPOnly en un encabezado Set-Cookie, lo cual hace más fácil para los atacantes remotos secuestrar una sesión a traves del acceso mediante secuencias de comandos a una cookie. • http://www.securityfocus.com/archive/1/514866/100/0/threaded • CWE-16: Configuration •
CVSS: 4.3EPSS: 1%CPEs: 20EXPL: 2CVE-2010-4172 – Apache Tomcat 7.0.4 - 'sort' / 'orderBy' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-4172
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados en la aplicación Manager en Apache Tomcat v6.0.12 hasta v6.0.29 y v7.0.0 hasta v7.0.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro (1) orderBy o (2) sort a sessionsList.jsp, o una entrada no especificada a (3) sessionDetail.jsp o (4) java/org/apache/catalina/manager/JspHelper.java, relacionado con la utilización de aplicaciones web que no son de confianza. • https://www.exploit-db.com/exploits/35011 http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://secunia.com/advisories/42337 http://secunia.com/advisories/43019 http://secunia.com/advisories/45022 http://secunia.com/advisories/57126 http://securitytracker.com/id?1024764 http://support.apple.com/kb/HT5002 http://support.novell&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 59%CPEs: 55EXPL: 0CVE-2010-2227 – tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header
https://notcve.org/view.php?id=CVE-2010-2227
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer." Apache Tomcat v5.5.0 hasta v5.5.29, v6.0.0 hasta v6.0.27 y v7.0.0 beta, no maneja apropiadamente una cabecera Transer-Encoding inválida, lo que permite a atacantes remotos causar una denegación de servicio (indisponibilidad de la aplicación) u obtener información sensible a través de una cabecera manipulada que interfiera con el "reciclado del búffer" ("recycling of a buffer"). • http://geronimo.apache.org/21x-security-report.html http://geronimo.apache.org/22x-security-report.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.6EPSS: 15%CPEs: 53EXPL: 1CVE-2010-1157 – Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure
https://notcve.org/view.php?id=CVE-2010-1157
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply. Apache Tomcat en sus versiones v5.5.0 a v5.5.29 y v6.0.0 a v6.0.26 podría permitir a atacantes remotos descubrir el nombre del servidor o su dirección IP mediante el envío de una solicitud de un recurso que requiere autenticación (1) BASIC o (2) DIGEST, y leer a continuación el campo realm en la cabecera WWW-Authenticate de la respuesta. • https://www.exploit-db.com/exploits/12343 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://secunia.com/advisories/39574 http://secunia.com/advisories/42368 http: • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2693 – tomcat: unexpected file deletion and/or alteration
https://notcve.org/view.php?id=CVE-2009-2693
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con la entrada ../.. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •