Vulnerability & Exploit Database

Displaying entries 11 - 20 of 29 in total

Results for: CVE-2013-5887 Back to search

USN-1637-1: Tomcat vulnerabilities Vulnerability

  • Severity: 5
  • Published: November 17, 2012

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network...

SUSE Linux Security Vulnerability: CVE-2012-5887 Vulnerability

  • Severity: 5
  • Published: November 17, 2012

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network...

Oracle Solaris 11: CVE-2012-5887: Vulnerability in Apache Tomcat Vulnerability

  • Severity: 5
  • Published: November 17, 2012

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network...

RHSA-2013:0647: jbossweb security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1 that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed sever...

RHSA-2013:0640: tomcat5 security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Apache Tomcat is a servlet container.It was found that when an application used FORM authentication, along withanother component that calls request.setUserPrincipal() before the call toFormAuthenticator#authenticate() (such as the Single-Sign-On valve), it waspossible to bypass the security constraint checks in the FORM authenticatorby a...

RHSA-2013:0631: jbossweb security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Updated jbossweb packages for JBoss Enterprise Web Platform 5.2.0 which fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

RHSA-2013:0629: jbossweb security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Updated jbossweb packages for JBoss Enterprise Application Platform 5.2.0 which fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed ...

RHSA-2013:0623: tomcat6 security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Apache Tomcat is a servlet container.It was found that when an application used FORM authentication, along withanother component that calls request.setUserPrincipal() before the call toFormAuthenticator#authenticate() (such as the Single-Sign-On valve), it waspossible to bypass the security constraint checks in the FORM authenticatorby a...

RHSA-2013:0266: tomcat6 security update Vulnerability

  • Severity: 5
  • Published: November 17, 2012

Updated tomcat6 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...