Showing 1 - 4 of 4

CVE-2005-2090

Status Candidate

Overview

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

Related Files

Apache Tomcat Information Disclosure: Posted Feb 25, 2014; Authored by Mark Thomas | Site tomcat.apache.org; Apache Tomcat versions 8.0.0-RC1, 7.0.0 through 7.0.42, and 6.0.0 through 6.0.37 suffer from an information disclosure vulnerability due to an incomplete fix for CVE-2005-2090.; tags | advisory, info disclosure; advisories | CVE-2005-2090, CVE-2013-4286; SHA-256 | 85aca72a0ab50801bdc11f8b35cd76f7c8566b582f96d36c721332941fd2bdcc; Download | Favorite | View

CA20090123-01.txt: Posted Jan 27, 2009; Authored by Ken Williams | Site www3.ca.com; Multiple security risks exist in Apache Tomcat as included with CA Cohesion and products that contain CA Cohesion. These include, but are not limited to, arbitrary command execution. Affected products include CA Cohesion Application Configuration Manager 4.5, CA CMDB Application Server 11.1, and Unicenter Service Desk 11.2.; tags | advisory, arbitrary; advisories | CVE-2005-2090, CVE-2005-3510, CVE-2006-3835, CVE-2006-7195, CVE-2006-7196, CVE-2007-0450, CVE-2007-1355, CVE-2007-1358, CVE-2007-1858, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2008-0128; SHA-256 | c8609f8dceb80de59813e4e08c5e56ee0e21604a9ddf888c621eda88cd823b65; Download | Favorite | View

VMware Security Advisory 2008-0002: Posted Jan 8, 2008; Authored by VMware | Site vmware.com; VMware Security Advisory - Updated Tomcat and JRE security updates have been issued for VirtualCenter 2.0.2, ESX Server 3.0.2, and ESX 3.0.1.; tags | advisory; advisories | CVE-2005-2090, CVE-2006-7195, CVE-2007-0450, CVE-2007-3004; SHA-256 | d70ad50277bcd17773dae218bfe21840a7f7e10fd23649fa024d2109224a5aa9; Download | Favorite | View

HP Security Bulletin 2007-14.47: Posted Oct 10, 2007; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.; tags | advisory, arbitrary, vulnerability, xss; systems | hpux; advisories | CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386; SHA-256 | 85ce851efccb71b60d9f0e47f9402e4ce2d6740afac5c78fc233d8379f869bc3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
indoushka 170 files
Jay Turla 150 files
Ubuntu 79 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,123)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,177)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,794)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,845)
UNIX (9,454)
UnixWare (188)
Windows (6,771)
Other

CVE-2005-2090

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems