Description

Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.

Remediation

References

CVE-2010-1157

Related Vulnerabilities

WordPress Plugin Keep Backup Daily Unspecified Vulnerability (2.0.3)

MySQL CVE-2019-2623 Vulnerability (CVE-2019-2623)

WordPress Plugin WPS Child Theme Generator Directory Traversal (1.1)

WordPress Plugin ImportWP-Import any XML or CSV File into WordPress Security Bypass (1.1.5)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1755)

Severity

Low

Classification

CVE-2010-1157 CWE-200

Tags

Missing Update Known Vulnerabilities