Debian Security Advisory DSA 1593-1 (tomcat5.5) Network Vulnerability

Summary

The remote host is missing an update to tomcat5.5 announced via advisory DSA 1593-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201593-1

Insight

Tt was discovered that the Host Manager web application performed insufficient input sanitising, which could lead to cross-site scripting. For the stable distribution (etch), this problem has been fixed in version 5.5.20-2etch3. For the unstable distribution (sid), this problem has been fixed in version 5.5.26-3. We recommend that you upgrade your tomcat5.5 packages.

Severity

Classification

CVE CVE-2008-1947
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1119-1 (hiki)
Debian Security Advisory DSA 068-1 (openldap)
Debian Security Advisory DSA 1116-1 (gimp)
Debian Security Advisory DSA 023-1 (inn2)
Debian Security Advisory DSA 067-1 (apache,apache-ssl)

Take action and discover your vulnerabilities