Lucene search
OracleLinuxELSA-2016-2045HistoryOct 10, 2016 - 12:00 a.m.
tomcat6 security and bug fix update
2016-10-1000:00:00
linux.oracle.com
39
EPSS
0.948
Percentile
99.3%
[0:6.0.24-98]
- Resolves: rhbz#1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1368119
[0:6.0.24-97] - Resolves: rhbz#1367051 CVE-2015-5174 URL Normalization issue
- Resolves: rhbz#1367054 CVE-2016-0706 Security Manager bypass via StatusManagerServlet
- Resolves: rhbz#1367058 CVE-2016-0714 Security Manager bypass via persistence mechanisms
- Resolves: rhbz#1367054 CVE-2015-5345 Directory disclosure
[0:6.0.24-96] - Resolves: rhbz#1357123 rpm -V tomcat6 fails due on /var/log/tomcat6/catalina.out
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 6 | src | tomcat6 | < 6.0.24-98.el6_8 | tomcat6-6.0.24-98.el6_8.src.rpm |
| oracle linux | 6 | noarch | tomcat6 | < 6.0.24-98.el6_8 | tomcat6-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-admin-webapps | < 6.0.24-98.el6_8 | tomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-docs-webapp | < 6.0.24-98.el6_8 | tomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-el-2.1-api | < 6.0.24-98.el6_8 | tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-javadoc | < 6.0.24-98.el6_8 | tomcat6-javadoc-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-jsp-2.1-api | < 6.0.24-98.el6_8 | tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-lib | < 6.0.24-98.el6_8 | tomcat6-lib-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-servlet-2.5-api | < 6.0.24-98.el6_8 | tomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm |
| oracle linux | 6 | noarch | tomcat6-webapps | < 6.0.24-98.el6_8 | tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm |
Related
nessus
nessus
RHEL 6 : tomcat6 (RHSA-2016:2045) (httpoxy)
2016-10-11 00:00:00
Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20161010) (httpoxy)
2016-10-12 00:00:00
Oracle Linux 6 : tomcat6 (ELSA-2016-2045) (httpoxy)
2016-10-11 00:00:00
redhat
redhat
(RHSA-2016:2045) Important: tomcat6 security and bug fix update
2016-10-10 18:29:33
(RHSA-2016:2599) Moderate: tomcat security, bug fix, and enhancement update
2016-11-03 06:07:16
(RHSA-2016:1088) Moderate: Red Hat JBoss Web Server 3.0.3 update
2016-05-17 16:10:14
openvas
openvas
CentOS Update for tomcat6 CESA-2016:2045 centos6
2016-10-12 00:00:00
RedHat Update for tomcat6 RHSA-2016:2045-01
2016-10-11 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-681)
2016-03-31 00:00:00
centos
centos
tomcat6 security update
2016-10-11 18:36:02
tomcat security update
2016-11-25 15:49:52
tomcat security update
2016-10-11 18:36:52
amazon
amazon
Medium: tomcat6
2016-03-29 15:30:00
Medium: tomcat7
2016-03-29 15:30:00
Medium: tomcat8
2016-03-10 16:30:00
suse
suse
Security update for tomcat6 (important)
2016-03-21 14:14:16
Security update for tomcat (important)
2016-03-15 15:12:43
Security update for tomcat (important)
2016-03-23 18:09:46
f5
f5
SOL30971148 - Apache Tomcat 6.x vulnerabilities CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, and CVE-2016-0714
2016-03-22 00:00:00
K73644551 : Apache Tomcat vulnerability CVE-2016-6325
2016-10-20 00:00:00
SOL73644551 - Apache Tomcat vulnerability CVE-2016-6325
2016-10-20 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 6.0.45
2016-02-11 00:00:00
Fixed in Apache Tomcat 7.0.68
2016-02-16 00:00:00
Fixed in Apache Tomcat 9.0.0.M3
2016-01-05 00:00:00
ibm
ibm
Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is susceptible to multiple vulnerabilities. (CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2015-5174)
2018-06-16 21:42:42
osv
osv
tomcat6 - security update
2016-02-27 00:00:00
tomcat7 - security update
2016-04-17 00:00:00
tomcat-8.0.36-3.3 on GA media
2024-06-15 00:00:00
debian
debian
[SECURITY] [DLA 435-1] tomcat6 security update
2016-02-27 19:09:41
[SECURITY] [DSA 3609-1] tomcat8 security update
2016-06-29 19:54:21
[SECURITY] [DSA 3552-1] tomcat7 security update
2016-04-17 18:44:26
freebsd
freebsd
tomcat -- multiple vulnerabilities
2016-02-22 00:00:00
atlassian
atlassian
Upgrade Tomcat to the latest 8.0.x release
2016-02-19 00:04:16
Upgrade Tomcat to the latest 8.0.x release
2016-02-19 00:04:16
Upgrade Tomcat to the latest 8.0.x release
2016-02-19 00:04:16
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2016-03-02 21:28:46
Updated tomcat packages fix security vulnerability
2016-09-21 23:38:22
symantec
symantec
SA118 : February 2016 Apache Tomcat Vulnerabilities
2016-03-15 08:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2016-07-05 00:00:00
oraclelinux
oraclelinux
tomcat security, bug fix, and enhancement update
2016-11-09 00:00:00
tomcat security update
2016-10-10 00:00:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2016-6325
2016-10-10 08:47:27
ubuntucve
ubuntucve
nvd
nvd
debiancve
debiancve
veracode
veracode
Privilege Escalation
2019-05-20 00:08:58
Directory Information Disclosure
2019-01-15 09:11:49
Directory Traversal
2019-01-15 09:09:27
prion
prion
Design/Logic Flaw
2016-10-13 14:59:00
Directory traversal
2016-02-25 01:59:00
Design/Logic Flaw
2016-02-25 01:59:00
cve
cve
cloudfoundry
cloudfoundry
USN-3024-1: tomcat6, tomcat7 vulnerabilities | Cloud Foundry
2017-01-19 00:00:00
github
github
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
2022-05-14 01:10:16
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
2022-05-14 01:10:16
Improper Access Control in Apache Tomcat
2022-05-14 01:10:17
archlinux
archlinux
[ASA-201609-21] tomcat7: proxy injection
2016-09-22 00:00:00
[ASA-201609-7] tomcat8: proxy injection
2016-09-10 00:00:00
[ASA-201611-6] tomcat6: proxy injection
2016-11-02 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2017-05-18 00:00:00