Apache Tomcat is prone to multiple remote vulnerabilities, including information-disclosure and denial-of-service issues. Remote attackers can exploit these issues to cause denial-of-service conditions or gain access to potentially sensitive information. Information obtained may lead to further attacks.

The following versions are affected:
- Tomcat 5.5.0 to 5.5.29
- Tomcat 6.0.0 to 6.0.27
- Tomcat 7.0.0

Tomcat 3.x, 4.x, and 5.0.x may also be affected.
The vendor released updates. Please see the references for more information.
- Authentication bypassing in Lotus Domino
- IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability
- Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
- IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vulnerability
- Lighttpd Trailing Slash Information Disclosure Vulnerability