Page 5 of 38 results (0.005 seconds)

CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 1

The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. El método doRead en Apache Tomcat v4.1.32 hasta v4.1.34 y v5.5.10 hasta v5.5.20 no devuelve un -1 para indicar que una cierta condición de error ha ocurrido, lo que puede causar Tomcat enviar un contenido POST desde una petición a diferentes peticiones. • http://jvn.jp/en/jp/JVN66905322/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html http://secunia.com/advisories/34057 http://www.securityfocus.com/archive/1/501250 http://www.securityfocus.com/bid/33913 http://www.vupen.com/english/advisories/2009/0541 https://issues.apache.org/bugzilla/show_bug.cgi?id=40771 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve. Apache Tomcat 5.5.0 y 4.1.0 hasta la 4.1.31 permite a atacantes remotos eludir una restricción de dirección IP y obtener información sensible a través de una solicitud que se tramita simultáneamente con otra petición, pero en otro hilo, lo que lleva a una sobreescritura de una variable de instancia asociada con un "problema de sincronización" y con un fallo de seguridad en la implementación de los hilos, relacionada con RemoteFilterValve, RemoteAddrValve, y RemoteHostValve. • http://jvn.jp/en/jp/JVN30732239/index.html http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000069.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html http://secunia.com/advisories/32213 http://secunia.com/advisories/32234 http://secunia.com/advisories/32398 http://secunia.com/advisories/35684 http://securityreason.com/securityalert/4396 http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html http://www.fujitsu.com/gl • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 96%CPEs: 3EXPL: 2

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version. Una vulnerabilidad de salto de directorio (Directory Traversal) en Apache Tomcat versión 4.1.0 hasta 4.1.37, versión 5.5.0 hasta 5.5.26 y versión 6.0.0 hasta 6.0.16, cuando están habilitados allowLinking y UTF-8, permite a atacantes remotos leer archivos arbitrarios por medio de secuencias de salto de directorio (Directory Traversal) en el URI, una vulnerabilidad diferente a CVE-2008-2370. NOTA: las versiones anteriores a 6.0.18 se informaron afectadas, pero el aviso del proveedor enumera 6.0.16 como la última versión afectada. ToutVirtual VirtualIQ Pro version 3.2 build 7882 suffers from cross site scripting, cross site request forgery, directory traversal, and code execution vulnerabilities. • https://www.exploit-db.com/exploits/6229 https://www.exploit-db.com/exploits/14489 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://secunia.com/advisories/31639 http://secunia.com/advisories/31865 http://secunia.com/advisories/31891 http://secunia.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 10%CPEs: 82EXPL: 2

Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. Apache Tomcat 4.1.0 hasta la 4.1.37, 5.5.0 hasta la 5.5.26 y 6.0.0 hasta la 6.0.16, cuando se utiliza RequestDispatcher, realiza una regularización de ruta antes de eliminar la cadena de consulta desde la URI, lo cual permite a atacantes remotos dirigir ataques de salto de directorio y leer archivos arbitrariamente mediante un .. (punto punto) en un parametro request. • https://www.exploit-db.com/exploits/32137 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://secunia.com/advisories/31379 http://secunia.com/advisories/31381 http://secunia.com/advisories/31639 http:/& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 2%CPEs: 3EXPL: 2

Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Apache Tomcat 4.1.0 hasta la 4.1.37, 5.5.0 hasta la 5.5.26 y 6.0.0 hasta la 6.0.16, permite a atacantes remotos inyectar arbitrariamente secuencias de comandos web o HTML a través de una cadena manipulada usada en el argumento message del método HttpServletResponse.sendError. • https://www.exploit-db.com/exploits/32138 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=13 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •