CVSS: 5.0EPSS: 1%CPEs: 87EXPL: 0CVE-2009-0033 – tomcat6 Denial-Of-Service with AJP connection
https://notcve.org/view.php?id=CVE-2009-0033
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header. Apache Tomcat v4.1.0 hasta v4.1.39, v5.5.0 hasta v5.5.27 y v6.0.0 hasta v6.0.18, cuando se utilizan el conector Java AJP y el balanceo de carga mod_jk; permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una solicitud manipulada con cabeceras inválidas. Está relacionado con el bloqueo temporal de los conectores que han encontrado errores, tal como se ha demostrado por un error que implica una cabecera HTTP Host mal formada. • http://jvn.jp/en/jp/JVN87272440/index.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://secunia.com/advisories/35326 http://secunia.com/advisories/35344 h • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 97%CPEs: 87EXPL: 1CVE-2009-0580 – Apache Tomcat 6.0.18 - Form Authentication Existing/Non-Existing 'Username' Enumeration
https://notcve.org/view.php?id=CVE-2009-0580
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter. Apache Tomcat v4.1.0 hasta v4.1.39, v5.5.0 hasta v5.5.27, y v6.0.0 hasta v6.0.18, cuando se utiliza autenticación FORM, permite a atacantes remotos enumerar nombres de usuarios válidos a través de una solicitud a /j_security_check con codificación malformada de URL de contraseñas. Está relacionado con una comprobación de errores incorrecta en los entornos de autenticación (1) MemoryRealm, (2) DataSourceRealm y (3) JDBCRealm; como se ha demostrado con un valor % (porcentaje) en el parámetro j_password. • https://www.exploit-db.com/exploits/33023 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://secunia.com/advisories/35326 http://secunia.com/advisories/35344 http: • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.6EPSS: 0%CPEs: 128EXPL: 1CVE-2008-5519 – mod_jk: session information leak
https://notcve.org/view.php?id=CVE-2008-5519
The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers. El conector JK (tambien conocido como mod_jk) v1.2.0 hasta la v1.2.26 en Apache Tomcat permite a atacantes remotos obtener información sensible a través de una petición arbitraria desde un cliente HTTP, en circunstancias oportunas implicando (1) una petición desde distintos clientes que incluyan una cabecera con el campo longitud de contenido, pero sin datos en POST, o (2) una serie de peticiones rápidas, relativo a la no conformidad con los requerimientos del protocolo AJP para peticiones que contengan cabeceras con el campo longitud del contenido. • http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://mail-archives.apache.org/mod_mbox/www-announce/200904.mbox/%3C49DBBAC0.2080400%40apache.org%3E http://marc.info/?l=tomcat-dev&m=123913700700879 http://secunia.com/advisories/29283 http://secunia.com/advisories/34621 http://secunia.com/advisories/35537 http://securitytracker.com/id?1022001 http://sunsolve.sun.com/search/document.do?assetkey=1-26-262468-1 http://svn.eu.apache.org/viewvc/tomcat/connector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 27%CPEs: 85EXPL: 0CVE-2009-0781 – tomcat: XSS in Apache Tomcat calendar application
https://notcve.org/view.php?id=CVE-2009-0781
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." Una vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en jsp/cal/cal2.jsp en la aplicación 'calendar' de los ejemplos de aplicaciones Web de Apache Tomcat 4.1.0 a 4.1.39, 5.5.0 a 5.5.27 y 6.0.0 a 6.0.18 permite a atacantes remotos inyectar HTML o scripts web arbitrarios a través del parámetro 'time', en relación a un "HTML no válido." The calendar application for Apache Tomcat contains invalid HTML which renders the cross site scripting protection for the time parameter ineffective. An attacker can therefore perform an cross site scripting attack using the time attribute. Version affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=bugtraq&m=127420533226623&w=2 http://marc.info/?l=bugtraq&m=129070310906557&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://secunia.com/advisories/35685 http://secunia.com/advisories/35788 http://secunia.com/advisories/37460 http://s • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 1CVE-2008-4308
https://notcve.org/view.php?id=CVE-2008-4308
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. El método doRead en Apache Tomcat v4.1.32 hasta v4.1.34 y v5.5.10 hasta v5.5.20 no devuelve un -1 para indicar que una cierta condición de error ha ocurrido, lo que puede causar Tomcat enviar un contenido POST desde una petición a diferentes peticiones. • http://jvn.jp/en/jp/JVN66905322/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html http://secunia.com/advisories/34057 http://www.securityfocus.com/archive/1/501250 http://www.securityfocus.com/bid/33913 http://www.vupen.com/english/advisories/2009/0541 https://issues.apache.org/bugzilla/show_bug.cgi?id=40771 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •