Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2007-0871

Опубликовано: 26 сент. 2007
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2007-0871: Moderate: tomcat security update (MODERATE)

[5.5.23-0jpp.3.0.2]

  • Patch for CVE-2007-3382 and CVE-2007-3385 Resolves: rhbz#254155

[5.5.23-0jpp.3.0.1]

  • Patch for CVE-2007-3386 Resolves: rhbz#254155

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

tomcat5

5.5.23-0jpp.3.0.2.el5

tomcat5-admin-webapps

5.5.23-0jpp.3.0.2.el5

tomcat5-common-lib

5.5.23-0jpp.3.0.2.el5

tomcat5-jasper

5.5.23-0jpp.3.0.2.el5

tomcat5-jasper-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-jsp-2.0-api

5.5.23-0jpp.3.0.2.el5

tomcat5-jsp-2.0-api-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-server-lib

5.5.23-0jpp.3.0.2.el5

tomcat5-servlet-2.4-api

5.5.23-0jpp.3.0.2.el5

tomcat5-servlet-2.4-api-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-webapps

5.5.23-0jpp.3.0.2.el5

Oracle Linux i386

tomcat5

5.5.23-0jpp.3.0.2.el5

tomcat5-admin-webapps

5.5.23-0jpp.3.0.2.el5

tomcat5-common-lib

5.5.23-0jpp.3.0.2.el5

tomcat5-jasper

5.5.23-0jpp.3.0.2.el5

tomcat5-jasper-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-jsp-2.0-api

5.5.23-0jpp.3.0.2.el5

tomcat5-jsp-2.0-api-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-server-lib

5.5.23-0jpp.3.0.2.el5

tomcat5-servlet-2.4-api

5.5.23-0jpp.3.0.2.el5

tomcat5-servlet-2.4-api-javadoc

5.5.23-0jpp.3.0.2.el5

tomcat5-webapps

5.5.23-0jpp.3.0.2.el5

Связанные CVE

CVE-2007-3382
CVE-2007-3386
CVE-2007-3385

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2007-3382

ubuntu
почти 18 лет назад

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

redhat логотип

CVE-2007-3382

redhat
почти 18 лет назад

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

nvd логотип

CVE-2007-3382

nvd
почти 18 лет назад

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

debian логотип

CVE-2007-3382

debian
почти 18 лет назад

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 ...

github логотип

GHSA-qff8-g48j-pwpw

github
больше 3 лет назад

Apache Tomcat treats single quotes as delimiters in cookies