Oval Definition:oval:org.opensuse.security:def:20076286
Revision Date:2012-11-01Version:1
Title:CVE-2007-6286
Description:

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-6286
Platform(s):openSUSE 10.3
Product(s):
Definition Synopsis
  • suse103 is installed
  • AND Package Information
  • tomcat55-admin-webapps less than 5.5.23-113.5
  • OR tomcat55-common-lib less than 5.5.23-113.5
  • OR tomcat55-jasper-javadoc less than 5.5.23-113.5
  • OR tomcat55-jasper less than 5.5.23-113.5
  • OR tomcat55-jsp-2_0-api-javadoc less than 5.5.23-113.5
  • OR tomcat55-jsp-2_0-api less than 5.5.23-113.5
  • OR tomcat55-server-lib less than 5.5.23-113.5
  • OR tomcat55-servlet-2_4-api-javadoc less than 5.5.23-113.5
  • OR tomcat55-servlet-2_4-api less than 5.5.23-113.5
  • OR tomcat55-webapps less than 5.5.23-113.5
  • OR tomcat55 less than 5.5.23-113.5
  • BACK