Oval Definition:	oval:org.opensuse.security:def:20071860
Revision Date: 2015-11-16 Version: 1 Title: CVE-2007-1860 Description: mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450. Family: unix Class: vulnerability Status: Reference(s): CVE-2007-1860 Platform(s): Novell Linux Desktop 9 SDK for x86 Novell Linux Desktop 9 SDK for x86_64 Open Enterprise Server openSUSE 10.3 SUSE LINUX 10.1 Product(s): Definition Synopsis Release Information sles9-nld-sdk is installed AND jakarta-tomcat less than 5.0.19-29.11 OR sles9-oes is installed apache-jakarta-tomcat-connectors less than 5.0.19-29.11 OR apache2-jakarta-tomcat-connectors less than 5.0.19-29.11 OR jakarta-tomcat-doc less than 5.0.19-29.11 OR jakarta-tomcat-examples less than 5.0.19-29.11 OR jakarta-tomcat less than 5.0.19-29.11 OR Package Information suse101 is installed AND mod_jk-ap20 less than 4.1.30-0.2 OR tomcat5-admin-webapps less than 5.0.30-27.21 OR tomcat5-webapps less than 5.0.30-27.21 OR tomcat5 less than 5.0.30-27.21
BACK