Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2008-0002 | First vendor Publication | 2008-02-11 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5.8 | Attack Range | Network |
| Cvss Impact Score | 4.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002 |
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
| 2009-10-13 | Name : SLES10: Security update for Websphere Community Edition File : nvt/sles10_websphere-as_ce0.nasl |
| 2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
| 2009-02-16 | Name : Fedora Update for tomcat5 FEDORA-2008-1467 File : nvt/gb_fedora_2008_1467_tomcat5_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for tomcat5 FEDORA-2008-1603 File : nvt/gb_fedora_2008_1603_tomcat5_fc8.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-10 (tomcat) File : nvt/glsa_200804_10.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41434 | Apache Tomcat Exception Handling Subsequent Request Information Disclosure |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0151.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0213.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_16.nasl - Type : ACT_GATHER_INFO |
| 2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_websphere-as_ce-5850.nasl - Type : ACT_GATHER_INFO |
| 2008-10-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO |
| 2008-04-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-10.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1467.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1603.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:15:06 |
|
| 2024-11-28 12:14:26 |
|
| 2021-05-04 12:06:54 |
|
| 2021-04-22 01:07:23 |
|
| 2020-05-23 00:21:01 |
|
| 2018-10-16 00:19:23 |
|
| 2016-04-26 16:58:24 |
|
| 2016-03-04 13:26:24 |
|
| 2014-03-18 13:21:48 |
|
| 2014-03-08 13:21:26 |
|
| 2014-02-17 10:43:08 |
|
| 2013-05-11 00:05:26 |
|
