ID de Prueba:	1.3.6.1.4.1.25623.1.0.103248
Categoría:	Web Servers
Título:	Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Resumen:	Apache Tomcat is prone to a remote information-disclosure; vulnerability.
Descripción:	Summary: Apache Tomcat is prone to a remote information-disclosure vulnerability. Vulnerability Impact: Remote attackers can exploit this issue to obtain sensitive information that will aid in further attacks. Attackers may also crash the JVM. Affected Software/OS: Tomcat 5.5.0 through 5.5.33, Tomcat 6.0.0 through 6.0.32, Tomcat 7.0.0 through 7.0.18. Solution: Updates are available. Please see the references for more information. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2526 1025788 http://www.securitytracker.com/id?1025788 20110713 [SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities http://www.securityfocus.com/archive/1/518889/100/0/threaded 45232 http://secunia.com/advisories/45232 48308 http://secunia.com/advisories/48308 48667 http://www.securityfocus.com/bid/48667 57126 http://secunia.com/advisories/57126 73797 http://osvdb.org/73797 73798 http://osvdb.org/73798 DSA-2401 http://www.debian.org/security/2012/dsa-2401 HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPSBUX02725 http://marc.info/?l=bugtraq&m=132215163318824&w=2 HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 MDVSA-2011:156 http://www.mandriva.com/security/advisories?name=MDVSA-2011:156 RHSA-2012:0074 http://rhn.redhat.com/errata/RHSA-2012-0074.html RHSA-2012:0075 http://rhn.redhat.com/errata/RHSA-2012-0075.html RHSA-2012:0076 http://rhn.redhat.com/errata/RHSA-2012-0076.html RHSA-2012:0077 http://rhn.redhat.com/errata/RHSA-2012-0077.html RHSA-2012:0078 http://rhn.redhat.com/errata/RHSA-2012-0078.html RHSA-2012:0325 http://rhn.redhat.com/errata/RHSA-2012-0325.html SSRT100627 SSRT100825 SSRT101146 [tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E http://svn.apache.org/viewvc?view=revision&revision=1145383 http://svn.apache.org/viewvc?view=revision&revision=1145571 http://svn.apache.org/viewvc?view=revision&revision=1145694 http://svn.apache.org/viewvc?view=revision&revision=1146005 http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-7.html https://bugzilla.redhat.com/show_bug.cgi?id=720948 oval:org.mitre.oval:def:14573 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14573 oval:org.mitre.oval:def:19514 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19514 tomcat-sendfile-info-disclosure(68541) https://exchange.xforce.ibmcloud.com/vulnerabilities/68541
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.