Apache Tomcat version older than 6.0.14

Description
  • <div class="bb-coolbox"><span class="bb-dark">This alert was generated using only banner information. It may be a false positive. </span></div><br/><strong>Fixed in Apache Tomcat 6.0.14:</strong><br/><ul> <li> <strong>low</strong>: Cross-site scripting CVE-2007-2449<br/> JSPs within the examples web application did not escape user provided data before including it in the output. This enabled a XSS attack. These JSPs now filter the data before use. This issue may be mitigated by undeploying the examples web application. Note that it is recommended that the examples web application is not installed on a production system. </li> <li> <strong>low</strong>: Cross-site scripting CVE-2007-2450<br/> The Manager and Host Manager web applications did not escape user provided data before including it in the output. This enabled a XSS attack. These applications now filter the data before use. This issue may be mitigated by logging out (closing the browser) of the application once the management tasks have been completed. </li> <li> <strong>low</strong>: Session hi-jacking CVE-2007-3382<br/> Tomcat incorrectly treated a single quote character (') in a cookie value as a delimiter. In some circumstances this lead to the leaking of information such as session ID to an attacker. </li> <li> <strong>low</strong>: Session hi-jacking CVE-2007-3385<br/> Tomcat incorrectly handled the character sequence \" in a cookie value. In some circumstances this lead to the leaking of information such as session ID to an attacker. </li> <li> <strong>low</strong>: Cross-site scripting CVE-2007-3386<br/> The Host Manager Servlet did not filter user supplied data before display. This enabled an XSS attack. </li> </ul><br/> <span class="bb-navy">Affected Apache Tomcat version (6.0.0 - 6.0.13).</span><br/>
Remediation
  • Upgrade Apache Tomcat to the latest version.
References