Showing 1 - 6 of 6

CVE-2007-6286

Status Candidate

Overview

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.

Related Files

HP Security Bulletin HPSBST02955 2: Posted Mar 6, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBST02955 2 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 2 of this advisory.; tags | advisory, vulnerability; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2011-0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2481, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-5035, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064; SHA-256 | 6410ff7bef195c9761122d2dbcef0fcb62f17fc9f0e7743be62f8af8196a6887; Download | Favorite | View

HP Security Bulletin HPSBST02955: Posted Feb 26, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBST02955 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 1 of this advisory.; tags | advisory, vulnerability; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2011-0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2481, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-5035, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064; SHA-256 | 7a0da1c21ab0ea1ff0e437cda710d643179e7469a520d96d54e7b1e4ad034845; Download | Favorite | View

wikid-tomcat.txt: Posted Sep 17, 2008; Site wikidsystems.com; The WiKID Strong Authentication server has released an update for the Tomcat server associated with this software. It updates Tomcat to 5.5.27 to address a large amount of vulnerabilities.; tags | advisory, vulnerability; advisories | CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286; SHA-256 | a8c41c441cc362473d836e2155189f3679c6855e0acebd1877d9082428c45e77; Download | Favorite | View

VMware Security Advisory 2008-00010: Posted Jun 17, 2008; Authored by VMware | Site vmware.com; VMware Security Advisory - Updated Tomcat and Java JRE packages have been made available for VMWare ESX 3.5. It is not a few updates either. Check out how many CVEs are covered. Judging by the CVE age, their turn around time on patching is quite sad.; tags | advisory, java; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-0657, CVE-2007-5689; SHA-256 | bdca972198318dc99cbe922fcffca76537d29df7f9248d8962802a8c0051113f; Download | Favorite | View

Gentoo Linux Security Advisory 200804-10: Posted Apr 10, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200804-10 - Multiple vulnerabilities in Tomcat may lead to local file overwriting, session hijacking or information disclosure. Versions less than 6.0.16 are affected.; tags | advisory, local, vulnerability, info disclosure; systems | linux, gentoo; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002; SHA-256 | 8450c98731084fc3778d5989e4cdf6f3480430925f6a49b95dbac75077cc749c; Download | Favorite | View

CVE-2007-6286.txt: Posted Feb 11, 2008; Site tomcat.apache.org; Apache Tomcat versions 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15 suffer from a duplicate request processing vulnerability.; tags | advisory; advisories | CVE-2007-6286; SHA-256 | 22729b358466fbd68bb4271ffdf26a6060ba0c78b027606cde7fa63482f7d411; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 297 files
Ubuntu 69 files
Debian 20 files
Gentoo 8 files
Apple 6 files
Google Security Research 4 files
LiquidWorm 4 files
Spencer McIntyre 3 files
Alter Prime 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2007-6286

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems