- Home
- CVEs with nessus.description==From+Red+Hat+Security+Advisory+2008%3A0042+%3A%0A%0AUpdated+tomcat+packages+that+fix+security+issues+and+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+5.%0A%0AThis+update+has+been+rated+as+having+moderate+security+impact+by+the+Red+Hat+Security+Response+Team.%0A%0ATomcat+is+a+servlet+container+for+Java+Servlet+and+JavaServer+Pages+technologies.%0A%0AA+directory+traversal+vulnerability+existed+in+the+Apache+Tomcat+webdav+servlet.+In+some+configurations+it+allowed+remote+authenticated+users+to+read+files+accessible+to+the+local+tomcat+process.%0A%28CVE-2007-5461%29%0A%0AThe+default+security+policy+in+the+JULI+logging+component+did+not+restrict+access+permissions+to+files.+This+could+be+misused+by+untrusted+web+applications+to+access+and+write+arbitrary+files+in+the+context+of+the+tomcat+process.+%28CVE-2007-5342%29%0A%0AUsers+of+Tomcat+should+update+to+these+errata+packages%2C+which+contain+backported+patches+and+are+not+vulnerable+to+these+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top