CVSS: 2.6EPSS: 0%CPEs: 43EXPL: 0CVE-2007-1858 – tomcat anonymous cipher issue
https://notcve.org/view.php?id=CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts. La configuración de cifrado SSL por defecto en Apache Tomcat 4.1.28 hasta 4.1.31, 5.0.0 hasta 5.0.30, y 5.5.0 hasta 5.5.17 utiliza determinadas claves inseguras, incluyendo la clave anónima, lo cual permite a atacantes remotos obtener información sensible o tener otros impactos no especificados. • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html http://marc.info/?l=bugtraq&m=133114899904925&w=2 http://osvdb.org/34882 http://secunia.com/advisories/29392 http://secunia.com/advisories/33668 http://secunia.com/advisories/44183 http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 http://tomcat.ap •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2005-4836
https://notcve.org/view.php?id=CVE-2005-4836
The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information. • http://tomcat.apache.org/security-4.html http://www.securityfocus.com/bid/28483 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0CVE-2005-4838 – tomcat manager example DoS
https://notcve.org/view.php?id=CVE-2005-4838
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html http://marc.info/?l=tomcat-dev&m=110476790331536&w=2 http://marc.info/?l=tomcat-dev&m=110477195116951&w=2 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://secunia.com/advisories/13737 http://secunia.com/advisories/31493 http://securitytracker.com/id?1012793 http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html http://www.oliverkarow.de/research/jakarta556_ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 0CVE-2005-3164
https://notcve.org/view.php?id=CVE-2005-3164
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. • http://jvn.jp/jp/JVN%2379314822/index.html http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/17019 http://secunia.com/advisories/30802 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 http://support.apple.com/kb/HT2163 http://tomcat.apache.org/security-4.html http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 97%CPEs: 2EXPL: 1CVE-2005-2090 – tomcat multiple content-length header poisioning
https://notcve.org/view.php?id=CVE-2005-2090
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://docs.info.apple.com/article.html?artnum=306172 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://lists.vmware.com/pipermail/security-announce/2008/000003.html http://seclists.org/lists/bugtraq/2005/Jun/0025.html http://secuni •