This host is running Apache Tomcat and is prone to multiple vulnerabilities.
Successful exploitation will allow remote attackers to conduct session fixation attacks and manipulate certain data. Impact Level: Application
Upgrade to version 6.0.39 or later, For Updates refer to http://tomcat.apache.org
Flaws are due to the org/apache/catalina/connector/CoyoteAdapter.java which does not consider the disableURLRewriting setting when handling a session ID in a URL.
Apache Tomcat version 6.0.33 through 6.0.37
Get the installed version of Apache Tomcat with the help of detect NVT and check the version is vulnerable or not.
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
- Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability
- Apache Tomcat Default Accounts