apache tomcat 3.3 vulnerabilities and exploits

(subscribe to this query)

NA

Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages....

Apache Tomcat 3.3.1a Apache Tomcat 3.3.2 Apache Tomcat 3.3 Apache Tomcat 3.3.1

NA

The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN....

Apache Tomcat 3.3 Apache Tomcat 4.0.4

NA

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character....

Apache Tomcat 3.1.1 Apache Tomcat 3.2 Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.3.1 Apache Tomcat 3.2.1 Apache Tomcat 3.2.3 Apache Tomcat 3.2.4 Apache Tomcat 3.31 EDB exploit available

NA

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file....

Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.3.1 Apache Tomcat 3.2.4 Apache Tomcat 3.3 Apache Tomcat 3.1.1 Apache Tomcat 3.2 Apache Tomcat 3.2.1 Apache Tomcat 3.2.3

NA

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML....

Apache Tomcat 3.3 Apache Tomcat 3.3.1 Apache Tomcat 3.2.3 Apache Tomcat 3.2.4 Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.1.1 Apache Tomcat 3.3.1a Apache Tomcat 3.2 Apache Tomcat 3.2.1

NA

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007....

Apache Tomcat 3.2.1 Apache Tomcat 3.2.2 Apache Tomcat 3.1.1 Apache Tomcat 3.2 Apache Tomcat 3.3.1a Apache Tomcat 3.2.3 Apache Tomcat 3.2.4 Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.3 Apache Tomcat 3.3.1

NA

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets....

Apache Tomcat 3.0 Apache Tomcat 3.3 Apache Tomcat 3.3.1 Apache Tomcat 3.2 Apache Tomcat 3.2.1 Apache Tomcat 4.0.2 Apache Tomcat 4.0.3 Apache Tomcat 3.1 Apache Tomcat 3.1.1 Apache Tomcat 4.0.0 Apache Tomcat 4.0.1 Apache Tomcat 3.2.3 Apache Tomcat 3.2.4 Apache Tomcat 4.1.01 EDB exploit available

NA

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp....

Apache Tomcat 3.2.1 Apache Tomcat 3.2.3 Apache Tomcat 3.1.1 Apache Tomcat 3.2 Apache Tomcat 3.2.4 Apache Tomcat 3.3 Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.3.1

NA

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable...

Apache Tomcat 4.1.1 Apache Tomcat 4.1.10 Apache Tomcat 4.1.31 Apache Tomcat 4.1.36 Apache Tomcat 4.1.9 Apache Tomcat 5.0.14 Apache Tomcat 5.0.15 Apache Tomcat 5.0.22 Apache Tomcat 5.0.23 Apache Tomcat 5.0.30 Apache Tomcat 5.0.4 Apache Tomcat 5.5.1 Apache Tomcat 5.5.10 Apache Tomcat 5.5.17 Apache Tomcat 5.5.18 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 6.0.1 Apache Tomcat 6.0.10 Apache Tomcat 6.0.5 Apache Tomcat 3.3 Apache Tomcat 4.1.15 Apache Tomcat 4.1.2 Apache Tomcat 5.0.0 Apache Tomcat 5.0.1 Apache Tomcat 5.0.16 Apache Tomcat 5.0.17 Apache Tomcat 5.0.24 Apache Tomcat 5.0.25 Apache Tomcat 5.0.5 Apache Tomcat 5.0.6 Apache Tomcat 5.5.11 Apache Tomcat 5.5.12 Apache Tomcat 5.5.19 Apache Tomcat 5.5.2 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 6.0.11 Apache Tomcat 6.0.12 Apache Tomcat 6.0.7 Apache Tomcat 6.0.8 Apache Tomcat 3.3.2 Apache Tomcat 4.1.0 Apache Tomcat 4.1.3 Apache Tomcat 5.0.12 Apache Tomcat 5.0.13 Apache Tomcat 5.0.2 Apache Tomcat 5.0.21 Apache Tomcat 5.0.28 Apache Tomcat 5.0.29 Apache Tomcat 5.0.3 Apache Tomcat 5.0.9 Apache Tomcat 5.5.0 Apache Tomcat 5.5.15 Apache Tomcat 5.5.16 Apache Tomcat 5.5.23 Apache Tomcat 5.5.24 Apache Tomcat 5.5.9 Apache Tomcat 6.0.0 Apache Tomcat 6.0.3 Apache Tomcat 3.3.1 Apache Tomcat 3.3.1a Apache Tomcat 4.1.24 Apache Tomcat 4.1.28 Apache Tomcat 5.0.10 Apache Tomcat 5.0.11 Apache Tomcat 5.0.18 Apache Tomcat 5.0.19 Apache Tomcat 5.0.26 Apache Tomcat 5.0.27 Apache Tomcat 5.0.7 Apache Tomcat 5.0.8 Apache Tomcat 5.5.13 Apache Tomcat 5.5.14 Apache Tomcat 5.5.20 Apache Tomcat 5.5.21 Apache Tomcat 5.5.22 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 6.0.13 Apache Tomcat 6.0.2 Apache Tomcat 6.0.9 Apache Tomcat 6.0.4 Apache Tomcat 6.0.6

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook