CVSS: 5.8EPSS: 0%CPEs: 39EXPL: 0CVE-2011-2729 – jakarta-commons-daemon: jsvc does not drop capabilities allowing access to files and directories owned by the superuser
https://notcve.org/view.php?id=CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application. native/unix/native/jsvc-unix.c en jsvc en el componente Daemon v1.0.3 hasta v1.0.6 en Apache Commons, usado en Apache Tomcat v5.5.32 hasta v5.5.33, v6.0.30 hasta v6.0.32, y v7.0.x anterior a v7.0.20 en LinuxApache Commons, no elimina permisos, lo que permite a atacantes remotos evitar permisos de lectura para ficheros a través de una petición en una aplicación. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E http://marc.info/?l=bugtraq&m=132215163318824&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w= • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 80EXPL: 0CVE-2011-2526 – tomcat: security manager restrictions bypass
https://notcve.org/view.php?id=CVE-2011-2526
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application. Apache Tomcat v5.5.x anterior a v5.5.34, v6.x anterior a v6.0.33, y v7.x anterior a v7.0.19, cuando sendfile está habilitado para el conector HTTP APR o HTTP NIO, no valida ciertos atributos en la solicitud, permitiendo a usuarios locales eludir las restricciones de acceso a archivos o causar una denegación de servicio (bucle infinito o caída de JVM) mediante el aprovechamiento de una aplicación web no confiable. • http://marc.info/?l=bugtraq&m=132215163318824&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://osvdb.org/73797 http://osvdb.org/73798 http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http: • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 79EXPL: 0CVE-2011-2204 – tomcat: password disclosure vulnerability
https://notcve.org/view.php?id=CVE-2011-2204
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file. Apache Tomcat v5.5.x antes de v5.5.34, v6.0.33 antes de v6.x, v7.x antes de v7.0.17, cuando el MemoryUserDatabase se utiliza, crea entradas del registro que contienen las contraseñas al encontrar errores en la creación de usuarios JMX, lo que permite a usuarios locales obtener información sensible mediante la lectura de un archivo de registro. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://marc.info/?l=bugtraq&m=132215163318824&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://secunia.com/advisories/44981 http://secunia.com/advisories/48308 http://secunia.com/advisories/57126 http://securitytracker.com/id? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 1CVE-2011-1475
https://notcve.org/view.php?id=CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users." El conector HTTP BIO en Apache Tomcat v7.0.x anterior a v7.0.12 no controla correctamente HTTP "pipelining", permitiendo a atacantes remotos leer las respuestas para otros clientes en circunstancias oportunistas mediante la examinación de los datos de la aplicación en paquetes HTTP, relacionado con una "una mezcla de respuestas a las peticiones de los diferentes usuarios" • https://github.com/samaujs/CVE-2011-1475 http://seclists.org/fulldisclosure/2011/Apr/97 http://securityreason.com/securityalert/8188 http://svn.apache.org/viewvc?view=revision&revision=1086349 http://svn.apache.org/viewvc?view=revision&revision=1086352 http://tomcat.apache.org/security-7.html http://www.securityfocus.com/archive/1/517363 http://www.securityfocus.com/bid/47199 http://www.securitytracker.com/id?1025303 http://www.vupen.com/english/advisories/2011/0894 https://ex • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-1088
https://notcve.org/view.php?id=CVE-2011-1088
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. Apache Tomcat v7.x anterior a v7.0.10 no sigue anotaciones ServletSecurity, lo que permite a atacantes remotos evitar las restricciones de acceso a través de peticiones HTTP a una aplicación web. • http://mail-archives.apache.org/mod_mbox/www-announce/201103.mbox/%3C4D6E74FF.7050106%40apache.org%3E http://markmail.org/message/lzx5273wsgl5pob6 http://markmail.org/message/yzmyn44f5aetmm2r http://secunia.com/advisories/43684 http://svn.apache.org/viewvc?view=revision&revision=1076586 http://svn.apache.org/viewvc?view=revision&revision=1076587 http://svn.apache.org/viewvc?view=revision&revision=1077995 http://tomcat.apache.org/security-7.html http://www.osvdb.org/71027 http://www.securi •