Apache Tomcat is prone to multiple remote vulnerabilities including information-disclosure and denial-of-service issues. Remote attackers can exploit these issues to cause denial-of-service conditions or gain access to potentially sensitive information information obtained may lead to further attacks. The following versions are affected: Tomcat 5.5.0 to 5.5.29 Tomcat 6.0.0 to 6.0.27 Tomcat 7.0.0 Tomcat 3.x, 4.x, and 5.0.x may also be affected.
The vendor released updates. Please see the references for more information.
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
- HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
- Check for IIS .cnf file leakage