Showing 1 - 6 of 6

CVE-2007-6286

Status Candidate

Overview

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.

Related Files

HP Security Bulletin HPSBST02955 2: Posted Mar 6, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBST02955 2 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 2 of this advisory.; tags | advisory, vulnerability; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2011-0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2481, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-5035, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064; SHA-256 | 6410ff7bef195c9761122d2dbcef0fcb62f17fc9f0e7743be62f8af8196a6887; Download | Favorite | View

HP Security Bulletin HPSBST02955: Posted Feb 26, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBST02955 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 1 of this advisory.; tags | advisory, vulnerability; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2011-0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2481, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-5035, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064; SHA-256 | 7a0da1c21ab0ea1ff0e437cda710d643179e7469a520d96d54e7b1e4ad034845; Download | Favorite | View

wikid-tomcat.txt: Posted Sep 17, 2008; Site wikidsystems.com; The WiKID Strong Authentication server has released an update for the Tomcat server associated with this software. It updates Tomcat to 5.5.27 to address a large amount of vulnerabilities.; tags | advisory, vulnerability; advisories | CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286; SHA-256 | a8c41c441cc362473d836e2155189f3679c6855e0acebd1877d9082428c45e77; Download | Favorite | View

VMware Security Advisory 2008-00010: Posted Jun 17, 2008; Authored by VMware | Site vmware.com; VMware Security Advisory - Updated Tomcat and Java JRE packages have been made available for VMWare ESX 3.5. It is not a few updates either. Check out how many CVEs are covered. Judging by the CVE age, their turn around time on patching is quite sad.; tags | advisory, java; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-0657, CVE-2007-5689; SHA-256 | bdca972198318dc99cbe922fcffca76537d29df7f9248d8962802a8c0051113f; Download | Favorite | View

Gentoo Linux Security Advisory 200804-10: Posted Apr 10, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200804-10 - Multiple vulnerabilities in Tomcat may lead to local file overwriting, session hijacking or information disclosure. Versions less than 6.0.16 are affected.; tags | advisory, local, vulnerability, info disclosure; systems | linux, gentoo; advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002; SHA-256 | 8450c98731084fc3778d5989e4cdf6f3480430925f6a49b95dbac75077cc749c; Download | Favorite | View

CVE-2007-6286.txt: Posted Feb 11, 2008; Site tomcat.apache.org; Apache Tomcat versions 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15 suffer from a duplicate request processing vulnerability.; tags | advisory; advisories | CVE-2007-6286; SHA-256 | 22729b358466fbd68bb4271ffdf26a6060ba0c78b027606cde7fa63482f7d411; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 380 files
Ubuntu 86 files
Debian 26 files
Gentoo 18 files
tmrswrr 10 files
Ph0s 5 files
R0ckE7 5 files
Google Security Research 4 files
Rahad Chowdhury 4 files
Chizuru Toyama 3 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,910)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,831)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,131)
UNIX (9,339)
UnixWare (187)
Windows (6,606)
Other

CVE-2007-6286

Overview

Related Files

File Archive:

November 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems