Description
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
Remediation
References
Related Vulnerabilities
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more SQL Injection (3.3)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)
WordPress Plugin RokStories Multiple Vulnerabilities (1.25)
Oracle Database Server Resource Management Errors Vulnerability (CVE-2007-5506)