Computer Security
[EN] securityvulns.ru no-pyccku


Apache Tomcat information leak
Published:26.02.2009
Source:
SecurityVulns ID:9697
Type:remote
Threat Level:
6/10
Description:Under some conditions it's possible to retrieve data from previous POST request.
Affected:APACHE : Tomcat 4.1
 APACHE : Tomcat 5.5
CVE:CVE-2008-4308 (The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.)
Original documentdocumentAPACHE, [SECURITY] CVE-2008-4308: Tomcat information disclosure vulnerability (26.02.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod