The host is running Apache Tomcat Server and is prone to security bypass vulnerability.
Successful exploitation could allows remote attackers to bypass intended access restrictions or gain sensitive information. Impact Level: Application.
Upgrade Apache Tomcat to 6.0.33, 7.0.22 or later, For updates refer to http://tomcat.apache.org/
The flaw is due to improper recycling of the request object before processing the next request when logging certain actions, allowing attackers to gain sensitive information like remote IP address and HTTP headers which is being carried forward to the next request.
Apache Tomcat 6.0.30 to 6.0.32 and 7.x to 7.0.21 on Windows.
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
- Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)
- Check for dangerous IIS default files
- AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability