Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbScanAlert SecurityEDB-ID:28254
HistoryJul 21, 2006 - 12:00 a.m.

Apache Tomcat 5 - Information Disclosure

2006-07-2100:00:00
ScanAlert Security
www.exploit-db.com
31

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/19106/info

Apache Tomcat is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. 

An attacker can exploit this issue to reveal a complete directory listing from any directory. Information obtained may aid in further attacks. Reports indicate that this issue may also allow attackers to obtain the source code of script files.

Apache Tomcat 5.028, 5.5.23, 5.5.9, and 5.5.7 are vulnerable to this issue; other versions may also be affected.

Novell GroupWise Mobile Server 1.0 or other versions bundled with Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2 ship with an affected version of Tomcat and are vulnerable as well.

http://www.example.com/;index.jsp

Related

cve 1
openvas 9
cvelist 1
nvd 1
veracode 1
nessus 6
checkpoint_advisories 1
securityvulns 2
seebug 3
zdt 1
exploitpack 1
packetstorm 1
tomcat 2
exploitdb 1
redhat 4
cve
cve
CVE-2006-3835
2006-07-25 13:22:00
openvas
openvas
SLES9: Security update for Tomcat
2009-10-10 00:00:00
SLES10: Security update for Tomcat 5
2009-10-13 00:00:00
SLES10: Security update for Tomcat 5
2009-10-13 00:00:00
cvelist
cvelist
CVE-2006-3835
2006-07-25 00:00:00
nvd
nvd
CVE-2006-3835
2006-07-25 13:22:00
veracode
veracode
Directory Traversal
2018-11-13 05:53:51
nessus
nessus
SuSE9 Security Update : Tomcat (YOU Patch Number 12343)
2009-09-24 00:00:00
SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5955)
2009-09-24 00:00:00
Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities
2010-06-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Directory Listing Information Disclosure (CVE-2006-3835)
2009-10-07 00:00:00
securityvulns
securityvulns
ToutVirtual VirtualIQ Multiple Vulnerabilities
2009-11-09 00:00:00
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities &#40;Updated - v1.1&#41;
2009-01-28 00:00:00
seebug
seebug
toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities
2014-07-01 00:00:00
ToutVirtual VirtualIQ Pro 3.2 Multiple Vulnerabilities
2009-11-07 00:00:00
ToutVirtual VirtualIQ Multiple Vulnerabilities
2009-11-10 00:00:00
zdt
zdt
ToutVirtual VirtualIQ Pro 3.2 Multiple Vulnerabilities
2009-11-07 00:00:00
exploitpack
exploitpack
toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities
2009-11-07 00:00:00
packetstorm
packetstorm
ToutVirtual VirtualIQ Pro XSS / XSRF / Execution
2009-11-17 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.13, 5.0.SVN
2005-11-06 00:00:00
Fixed in Apache Tomcat 4.1.32
2005-11-06 00:00:00
exploitdb
exploitdb
toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities
2009-11-07 00:00:00
redhat
redhat
(RHSA-2007:1069) Moderate: tomcat security update for Red Hat Network Satellite Server
2007-11-26 00:00:00
(RHSA-2007:0326) Important: tomcat security update
2007-05-21 00:00:00
(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update
2008-06-30 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:28254
cve1openvas9cvelist1nvd1veracode1nessus6checkpoint_advisories1securityvulns2seebug3zdt1exploitpack1packetstorm1tomcat2exploitdb1redhat4