CVSS: 5.3EPSS: 0%CPEs: 80EXPL: 0CVE-2011-2526 – tomcat: security manager restrictions bypass
https://notcve.org/view.php?id=CVE-2011-2526
14 Jul 2011 — Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application. Apache Tomcat v5.5.x anterior a v5.5.34, v6.x anterior a v6.0.33, y v7.x anterior a v7.0.19, cuando sendfile está habilitado para el conector HTTP APR o ... • http://marc.info/?l=bugtraq&m=132215163318824&w=2 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 79EXPL: 0CVE-2011-2204 – tomcat: password disclosure vulnerability
https://notcve.org/view.php?id=CVE-2011-2204
29 Jun 2011 — Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file. Apache Tomcat v5.5.x antes de v5.5.34, v6.0.33 antes de v6.x, v7.x antes de v7.0.17, cuando el MemoryUserDatabase se utiliza, crea entradas del registro que contienen las contraseñas al encontrar errores en la creación de usuarios... • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 1%CPEs: 65EXPL: 1CVE-2011-0013 – tomcat: XSS vulnerability in HTML Manager interface
https://notcve.org/view.php?id=CVE-2011-0013
18 Feb 2011 — Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en la interfaz de HTML Manager en Apache Software Foundation Tomcat v7.0 antes de v7.0.6, v5.5 antes de v5.5.32 y v6.0 antes de v6.0.30 permiten a atacantes remotos inyecta... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 63EXPL: 0CVE-2010-3718 – tomcat: file permission bypass flaw
https://notcve.org/view.php?id=CVE-2010-3718
10 Feb 2011 — Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack. Apache Tomcat v7.0.0 hasta v7.0.3, v6.0.x, y v5.5.x, cuando se ejecuta dentro de un SecurityManager no tiene el atributo ServletContext de sólo lectura, lo que permite a las aplicaciones web locales leer y escrib... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html •
CVSS: 6.5EPSS: 68%CPEs: 55EXPL: 1CVE-2010-2227 – tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header
https://notcve.org/view.php?id=CVE-2010-2227
13 Jul 2010 — Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer." Apache Tomcat v5.5.0 hasta v5.5.29, v6.0.0 hasta v6.0.27 y v7.0.0 beta, no maneja apropiadamente una cabecera Transer-Encoding inválida, lo que permite a atacantes remotos causar una denegación de s... • https://packetstorm.news/files/id/180512 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.7EPSS: 11%CPEs: 53EXPL: 1CVE-2010-1157 – Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure
https://notcve.org/view.php?id=CVE-2010-1157
23 Apr 2010 — Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply. Apache Tomcat en sus versiones v5.5.0 a v5.5.29 y v6.0.0 a v6.0.26 podría permitir a atacantes remotos descubrir el nombre del servidor o su dirección IP mediante el envío de una solicitud de un recurso que ... • https://www.exploit-db.com/exploits/12343 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2693 – tomcat: unexpected file deletion and/or alteration
https://notcve.org/view.php?id=CVE-2009-2693
28 Jan 2010 — Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con l... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2902 – tomcat: unexpected file deletion in work directory
https://notcve.org/view.php?id=CVE-2009-2902
28 Jan 2010 — Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. Vulnerabilidad de salto de directorio en Apache Tomcat desde v5.5.0 hasta v5.5.28 y desde v6.0.0 hasta v6.0.20 permite a atacantes remotos borrar ficheros del directorio de trabajo a través de secuencias de salto de directorio en un nombre de fichero WAR, como se dem... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 51EXPL: 0CVE-2009-2901 – HP Security Bulletin HPSBST02955
https://notcve.org/view.php?id=CVE-2009-2901
28 Jan 2010 — The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests. El proceso de auto despliegue en Apache Tomcat desde v5.5.0 hasta v5.5.28 y desde v6.0.0 hasta v6.0.20, cuando AutoDeploy esta activado, despliega ficheros appBase que se mantienen de un plegado fallido lo que permite a atacantes remo... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 24%CPEs: 142EXPL: 3CVE-2009-3548 – Apache Tomcat Manager - Application Upload (Authenticated) Code Execution
https://notcve.org/view.php?id=CVE-2009-3548
12 Nov 2009 — The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges. El instalador de Windows para Apache Tomcat 6.0.0 a 6.0.20, 5.5.0 a 5.5.28, y posiblemente versiones anteriores, usa una contraseña en blanco por defecto para el usuario administrador, lo que permite a atacantes remotos obtener privilegios. Potential security vulnerabilities have been ide... • https://packetstorm.news/files/id/125021 • CWE-255: Credentials Management Errors •