This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:apache:tomcat:5.0.5

Detail
Vendor: Apache | First view: 2007-05-09
Product: Tomcat | Last view: 2014-02-26
Version: 5.0.5 | Type: Application
Edition:
Language:
Update:

CPE Product: cpe:/a:apache:tomcat

Related : CVE

Score | Date | Alert | Access Vector | Access Complexity | Authentication
4.3 | 2014-02-26 | CVE-2013-4590 | Network | Medium | None Requ...
4.3 | 2014-02-26 | CVE-2013-4322 | Network | Medium | None Requ...
5.8 | 2014-02-26 | CVE-2013-4286 | Network | Medium | None Requ...
6.8 | 2013-11-13 | CVE-2013-6357 | Network | Medium | None Requ...
5 | 2012-11-30 | CVE-2012-5568 | Network | Low | None Requ...
7.5 | 2009-11-12 | CVE-2009-3548 | Network | Low | None Requ...
2.6 | 2009-04-09 | CVE-2008-5519 | Network | High | None Requ...
5 | 2008-02-11 | CVE-2007-5333 | Network | Low | None Requ...
4.3 | 2007-08-14 | CVE-2007-3385 | Network | Medium | None Requ...
4.3 | 2007-08-14 | CVE-2007-3382 | Network | Medium | None Requ...
3.5 | 2007-06-14 | CVE-2007-2450 | Network | Medium | Requires ...
4.3 | 2007-06-14 | CVE-2007-2449 | Network | Medium | None Requ...
4.3 | 2007-05-21 | CVE-2007-1355 | Network | Medium | None Requ...
4.3 | 2007-05-09 | CVE-2006-7196 | Network | Medium | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
41% (5) | CWE-200 | Information Exposure
16% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (2) | CWE-20 | Improper Input Validation
8% (1) | CWE-352 | Cross-Site Request Forgery (CSRF)
8% (1) | CWE-255 | Credentials Management
8% (1) | CWE-16 | Configuration

Oval Markup Language : Definitions

OvalID | Name
oval:org.mitre.oval:def:6111 | HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (...
oval:org.mitre.oval:def:10578 | Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in t...
oval:org.mitre.oval:def:11287 | Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2...
oval:org.mitre.oval:def:22687 | ELSA-2007:0569: tomcat security update (Moderate)
oval:org.mitre.oval:def:11269 | Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1...
oval:org.mitre.oval:def:9549 | Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1...
oval:org.mitre.oval:def:11177 | Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4...
oval:org.mitre.oval:def:7033 | HP-UX Running Tomcat Servlet Engine, Remote Increase in Privilege, Arbitrary ...
oval:org.mitre.oval:def:20415 | Third party component updates for VMware vCenter Server, vCenter Update Manag...
oval:org.mitre.oval:def:19414 | HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...

Open Source Vulnerability Database (OSVDB)

id | Description
60176 | Apache Tomcat Windows Installer Admin Default Password
53381 | Apache Tomcat JK Connector Content-Length Header Cross-user Information Discl...
41435 | Apache Tomcat %5C Cookie Handling Session ID Disclosure
37071 | Apache Tomcat Cookie Handling Session ID Disclosure
37070 | Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
36080 | Apache Tomcat JSP Examples Crafted URI XSS
36079 | Apache Tomcat Manager Uploaded Filename XSS
34888 | Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
34875 | Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS

ExploitDB Exploits

id | Description
31130 | Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosur...
29435 | Apache Tomcat 5.5.25 - CSRF Vulnerabilities

Metasploit Exploits

id | Description
2009-11-09 | Apache Tomcat Manager Authenticated Upload Code Execution
2009-11-09 | Apache Tomcat Manager Application Deployer Authenticated Code Execution

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id | Description
2012-12-05 | Name : Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
File : nvt/gb_apache_tomcat_partial_http_req_dos_vuln_win.nasl
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2011-08-09 | Name : CentOS Update for tomcat5 CESA-2009:1164 centos5 i386
File : nvt/gb_CESA-2009_1164_tomcat5_centos5_i386.nasl
2010-09-14 | Name : Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)
File : nvt/gb_mandriva_MDVSA_2010_176.nasl
2010-06-23 | Name : HP-UX Update for Tomcat Servlet Engine HPSBUX02541
File : nvt/gb_hp_ux_HPSBUX02541.nasl
2010-05-12 | Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 | Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl
2010-02-03 | Name : Solaris Update for Apache 1.3 122911-19
File : nvt/gb_solaris_122911_19.nasl
2010-02-03 | Name : Solaris Update for Apache 1.3 122912-19
File : nvt/gb_solaris_122912_19.nasl
2009-11-17 | Name : Apache Tomcat Windows Installer Privilege Escalation Vulnerability
File : nvt/secpod_apache_tomcat_priv_esc_vuln_win.nasl
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1562
File : nvt/RHSA_2009_1562.nasl
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1563
File : nvt/RHSA_2009_1563.nasl
2009-11-11 | Name : SuSE Security Summary SUSE-SR:2009:018
File : nvt/suse_sr_2009_018.nasl
2009-10-13 | Name : Solaris Update for tomcat security 114016-04
File : nvt/gb_solaris_114016_04.nasl
2009-10-13 | Name : Solaris Update for tomcat security 114017-05
File : nvt/gb_solaris_114017_05.nasl
2009-10-13 | Name : Solaris Update for Apache 1.3 122911-17
File : nvt/gb_solaris_122911_17.nasl
2009-10-13 | Name : Solaris Update for Apache 1.3 122912-17
File : nvt/gb_solaris_122912_17.nasl
2009-10-13 | Name : SLES10: Security update for Tomcat 5
File : nvt/sles10_tomcat53.nasl
2009-10-13 | Name : SLES10: Security update for Websphere Community Edition
File : nvt/sles10_websphere-as_ce0.nasl
2009-10-10 | Name : SLES9: Security update for Tomcat
File : nvt/sles9p5021793.nasl
2009-10-10 | Name : SLES9: Security update for Tomcat
File : nvt/sles9p5023110.nasl
2009-09-23 | Name : Solaris Update for tomcat security 114017-04
File : nvt/gb_solaris_114017_04.nasl
2009-09-23 | Name : Solaris Update for Apache 1.3 122911-16
File : nvt/gb_solaris_122911_16.nasl
2009-09-23 | Name : Solaris Update for Apache 1.3 122912-16
File : nvt/gb_solaris_122912_16.nasl
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1164 (tomcat)
File : nvt/ovcesa2009_1164.nasl

Information Assurance Vulnerability Management (IAVM)

id | Description
2014-B-0019 | Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0044527
2013-A-0219 | Multiple Vulnerabilities in Juniper Networks and Security Manager
Severity : Category I - VMSKEY : V0042384
2011-A-0066 | Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

Date | Description
2014-01-10 | PyLoris http DoS tool
RuleID : 28532 - Type : MALWARE-TOOLS - Revision : 1
2014-01-10 | HP Performance Manager Apache Tomcat policy bypass attempt
RuleID : 17156 - Type : SERVER-APACHE - Revision : 4

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id | Description
2014-04-09 | Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2897.nasl - Type : ACT_GATHER_INFO
2014-04-01 | Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0343.nasl - Type : ACT_GATHER_INFO
2014-04-01 | Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0344.nasl - Type : ACT_GATHER_INFO
2014-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2130-1.nasl - Type : ACT_GATHER_INFO
2014-02-25 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_6_0_39.nasl - Type : ACT_GATHER_INFO
2014-02-25 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_7_0_50.nasl - Type : ACT_GATHER_INFO
2013-11-21 | Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_2012_2_r5.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0569.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0871.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1164.nasl - Type : ACT_GATHER_INFO
2013-02-04 | Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_tomcat6-130107.nasl - Type : ACT_GATHER_INFO
2013-02-03 | Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_tomcat5-8397.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20070717_tomcat_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090723_tomcat_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-11-18 | Name : The remote Apache Tomcat service is potentially affected by multiple vulnerab...
File : tomcat_6_0_13.nasl - Type : ACT_GATHER_INFO
2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2010-12-07 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_5_5_25.nasl - Type : ACT_GATHER_INFO
2010-09-13 | Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-176.nasl - Type : ACT_GATHER_INFO
2010-07-01 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_5_5_26.nasl - Type : ACT_GATHER_INFO
2010-07-01 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_6_0_16.nasl - Type : ACT_GATHER_INFO
2010-06-16 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_4_1_32.nasl - Type : ACT_GATHER_INFO
2010-06-16 | Name : The remote Apache Tomcat service may be affected by multiple vulnerabilities.
File : tomcat_4_1_37.nasl - Type : ACT_GATHER_INFO
2010-06-14 | Name : The remote web server is prone to an information disclosure attack.
File : mod_jk_1_2_27.nasl - Type : ACT_GATHER_INFO
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0630.nasl - Type : ACT_GATHER_INFO
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1616.nasl - Type : ACT_GATHER_INFO