This host is running Apache Tomcat and is prone to multiple vulnerabilities.
Successful exploitation will allow remote attackers to cause a denial of service (resource consumption), bypass security-manager restrictions and read arbitrary files, conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. Impact Level: Application
Upgrade to version 6.0.40, 7.0.53, 8.0.4 or later. For updates refer to refer http://tomcat.apache.org
Multiple flaws are due to, - An Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java - The java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in does not properly restrict XSLT stylesheets. - Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in when operated behind a reverse proxy
Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
- Apple Safari Address Bar Spoofing Vulnerability june-10 (Win)
- Arris DOCSIS Password Disclosure
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Mac OS X)
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Windows)