oval:org.mitre.oval:def:21729

Definition Id: oval:org.mitre.oval:def:21729
 
Oval ID: oval:org.mitre.oval:def:21729
Title: ELSA-2008:0648: tomcat security update (Important)
Description: Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
Family: unix Class: patch
Reference(s): ELSA-2008:0648-01
CVE-2008-1232
CVE-2008-1947
CVE-2008-2370
CVE-2008-2938
 Version: 21
Platform(s): Oracle Linux 5
 Product(s): tomcat5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15459
 
Oval ID: oval:org.mitre.oval:def:15459
Title: Oracle Linux 5.x
Description: The operating system installed on the system is Oracle Linux 5.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:5
 Version: 7
Platform(s): Oracle Linux 5
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:21729