apache tomcat 4.1.8 vulnerabilities and exploits

(subscribe to this query)

Apache Tomcat 5.5.0 and 4.1.0 up to and including 4.1.31 allows remote malicious users to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0, 5.0.0, 5.5.0 up to and including 5.5.25, and 6.0.0 up to and including 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write...

Apache Tomcat 4.0.0 Apache Tomcat 4.0.1 Apache Tomcat 4.0.2 Apache Tomcat 4.0.3 Apache Tomcat 4.0.4 Apache Tomcat 4.0.5 Apache Tomcat 4.0.6 Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4

2 EDB exploits

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, and 6.0.0 up to and including 6.0.18 allows remote malicious users to inje...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

Apache Tomcat 4.1.0 up to and including 4.1.37, 5.5.0 up to and including 5.5.26, and 6.0.0 up to and including 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote malicious users to conduct dire...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

1 EDB exploit

Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, and 6.0.0 up to and including 6.0.18, when FORM authentication is used, allows remote malicious users to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of pa...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

1 EDB exploit

Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, and 6.0.0 up to and including 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote malicious users to cause a denial of service (application outage) via a crafted re...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

The Windows installer for Apache Tomcat 6.0.0 up to and including 6.0.20, 5.5.0 up to and including 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote malicious users to gain privileges.

Apache Tomcat 3.0 Apache Tomcat 3.1 Apache Tomcat 3.1.1 Apache Tomcat 3.2 Apache Tomcat 3.2.1 Apache Tomcat 3.2.2 Apache Tomcat 3.2.3 Apache Tomcat 3.2.4 Apache Tomcat 3.3 Apache Tomcat 3.3.1 Apache Tomcat 3.3.1a Apache Tomcat 3.3.2

2 EDB exploits2 Github repositories

The JK Connector (aka mod_jk) 1.2.0 up to and including 1.2.26 in Apache Tomcat allows remote malicious users to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included...

Apache Mod Jk 1.2 Apache Mod Jk 1.2.1 Apache Mod Jk 1.2.6 Apache Mod Jk 1.2.7 Apache Mod Jk 1.2.8 Apache Mod Jk 1.2.9 Apache Mod Jk 1.2.10 Apache Mod Jk 1.2.11 Apache Mod Jk 1.2.12 Apache Mod Jk 1.2.13 Apache Mod Jk 1.2.14 Apache Mod Jk 1.2.14.1

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook