CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2008-3271 – tomcat RemoteFilterValve Information disclosure
https://notcve.org/view.php?id=CVE-2008-3271
13 Oct 2008 — Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve. Apache Tomcat 5.5.0 y 4.1.0 hasta la 4.1.31 permite a atacantes remotos eludir una restricción d... • http://jvn.jp/en/jp/JVN30732239/index.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 96%CPEs: 3EXPL: 5CVE-2008-2938 – Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)
https://notcve.org/view.php?id=CVE-2008-2938
13 Aug 2008 — Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version. Una vulnerabilidad de salto de directorio (Directory Traversal) en Apache To... • https://packetstorm.news/files/id/180872 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 14%CPEs: 82EXPL: 2CVE-2008-2370 – Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure
https://notcve.org/view.php?id=CVE-2008-2370
04 Aug 2008 — Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. Apache Tomcat 4.1.0 hasta la 4.1.37, 5.5.0 hasta la 5.5.26 y 6.0.0 hasta la 6.0.16, cuando se utiliza RequestDispatcher, realiza una regularización de ruta antes de eliminar la caden... • https://www.exploit-db.com/exploits/32137 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 30%CPEs: 3EXPL: 2CVE-2008-1232 – Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-1232
04 Aug 2008 — Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Apache Tomcat 4.1.0 hasta la 4.1.37, 5.5.0 hasta la 5.5.26 y 6.0.0 hasta la 6.0.16, permite a atacantes remotos inyectar arbitrariamente ... • https://www.exploit-db.com/exploits/32138 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 68%CPEs: 3EXPL: 2CVE-2007-5333 – Apache Tomcat 6.0.15 - Cookie Quote Handling Remote Information Disclosure
https://notcve.org/view.php?id=CVE-2007-5333
12 Feb 2008 — Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385. Apache Tomcat 6.0.0 hasta 6.0.14, 5.5.0 hasta 5.5.25, 4.1.36 y 4.1.0 al no manejar adecuadamente secuencias (... • https://www.exploit-db.com/exploits/31130 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2008-0128 – tomcat5 SSO cookie login information disclosure
https://notcve.org/view.php?id=CVE-2008-0128
23 Jan 2008 — The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. El valor SingleSignOn (org.apache.catalina.authenticator.SingleSignOn) en Apache Tomcat anterior a 5.5.21 no asigna la bandera segura para la cookie JSESSIONIDSSO en una sesión http, haciéndolo más fácil para at... • https://github.com/ngyanch/4062-1 • CWE-16: Configuration •
CVSS: 6.5EPSS: 8%CPEs: 44EXPL: 3CVE-2007-5461 – Apache Tomcat - WebDAV SSL Remote File Disclosure
https://notcve.org/view.php?id=CVE-2007-5461
15 Oct 2007 — Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. Vulnerabilidad de salto de ruta absoluta en Apache Tomcat 4.0.0 hasta la versión 4.0.6, 4.1.0, 5.0.0, 5.5.0 hasta la versión 5.5.25 y 6.0.0 hasta la versión 6.0.14, bajo determinadas configuraciones, permite a usuar... • https://www.exploit-db.com/exploits/4552 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 14%CPEs: 85EXPL: 1CVE-2007-3382 – Apache Tomcat 6.0.13 - Insecure Cookie Handling Quote Delimiter Session ID Disclosure
https://notcve.org/view.php?id=CVE-2007-3382
14 Aug 2007 — Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks. Apache Tomcat 6.0.0 hasta 6.0.13, 5.5.0 hasta 5.5.24, 5.0.0 hasta 5.0.30, 4.1.0 hasta 4.1.36, y 3.3 hasta 3.3.2 trata las comillas simples ("'") como delimitadores en las cookies, lo cual podría provocar que información se... • https://www.exploit-db.com/exploits/30496 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 11%CPEs: 85EXPL: 0CVE-2007-3385 – tomcat handling of cookie values
https://notcve.org/view.php?id=CVE-2007-3385
14 Aug 2007 — Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. Apache Tomcat 6.0.0 hasta 6.0.13, 5.5.0 hasta 5.5.24, 5.0.0 hasta 5.0.30, 4.1.0 hasta 4.1.36, y 3.3 hasta 3.3.2 no trata adecuadamente la secuencia de caracteres \" en un valor de cookie, lo cual podría provocar ... • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 33%CPEs: 17EXPL: 0CVE-2007-3383
https://notcve.org/view.php?id=CVE-2007-3383
25 Jul 2007 — Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. Vulnerabilidad de seuencia de comandos en sitios cruzados en SendMailServlet en los ejemplos de aplicaciones web (examples/jsp/mail/sendmail.jsp) en Apache Tomcat 4.0.0 hasta ... • http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html •