Vulnerability Name: CVE-2009-0580 (CCN-50930) Assigned: 2009-06-03 Published: 2009-06-03 Updated: 2023-02-13 Summary: Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): NoneAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N 3.9 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:H/RL:TF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N 4.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:TF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N 4.5 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:TF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
Vulnerability Consequences: Obtain Information References: Source: CCN[SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication CVE-2009-0580 HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access HP Performance Manager, Remote Unauthorized Access, Cross Site Scripting (XSS), Denial of Service (DoS) secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com Important: JBoss Enterprise Application Platform 4.2.0.CP07 update Important: JBoss Enterprise Application Platform 4.2.0.CP07 update Important: JBoss Enterprise Application Platform 4.3.0.CP05 update Important: JBoss Enterprise Application Platform 4.3.0.CP05 update Important: tomcat security update Important: tomcat5 security update Important: tomcat6 security update Important: tomcat security update Important: tomcat security update Low: tomcat security update for Red Hat Network Satellite Server Moderate: Red Hat Certificate System 7.3 security update Apache Tomcat Multiple Vulnerabilities Apache Tomcat 6 Multiple Vulnerabilities Fujitsu Interstage Products Information Disclosure Vulnerabilities Sun Solaris Tomcat Multiple Vulnerabilities HP-UX Apache Web Server Suite Tomcat Multiple Vulnerabilities VMware Products Update for Multiple Packages HP Performance Manager Apache Tomcat Multiple Vulnerabilities IBM Tivoli Netcool/Webtop Tomcat Vulnerabilities IBM Rational Quality Manager Tomcat Multiple Vulnerabilities Tomcat Authentication Response Error Lets Remote Users Determine Valid Usernames secalert@redhat.com secalert@redhat.com Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS) About the security content of Security Update 2010-002 / Mac OS X v10.6.3 secalert@redhat.com Tomcat 6.0 secalert@redhat.com secalert@redhat.com Tomcat 4.1 secalert@redhat.com Tomcat 5.5 Apache Tomcat secalert@redhat.com secalert@redhat.com secalert@redhat.com Fix list for Webtop Version 2.1 secalert@redhat.com tomcat5.5 -- several vulnerabilities Interstage Application Server: Information Disclosure Vulnerabilities(CVE-2008-2370/CVE-2008-5515) secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness secalert@redhat.com Tomcat vulnerabilities secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com tomcat-jsecuritycheck-info-disclosure(50930) secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com secalert@redhat.com TADDM affected by multiple vulnerabilities due to Apache Tomcat libraries secalert@redhat.com secalert@redhat.com secalert@redhat.com SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1 :cpe:/a:apache:tomcat:4.1.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.34:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.3:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.31:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.9:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:* OR cpe:/a:redhat:certificate_system:7.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.32:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.37:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_89::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_89::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.30:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_01::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_02::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_13::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_19::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_22::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_39::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_47::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_64::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_79b::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_01::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_02::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_13::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_19::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_22::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_39::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_47::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_64::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_79b::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_03::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_04::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_05::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_06::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_07::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_08::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_09::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_10::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_11::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_12::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_14::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_15::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_16::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_18::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_20::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_21::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_24::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_25::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_26::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_27::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_28::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_29::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_31::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_32::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_33::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_34::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_35::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_37::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_41::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_43::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_44::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_45::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_48::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_50::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_53::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_54::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_56::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_58::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_59::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_60::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_62::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_65::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_68::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_69::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_72::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_75::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_76::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_78::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_81::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_82::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_84::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_85::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_17::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_23::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_30::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_36::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_38::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_42::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_46::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_49::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_51::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_52::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_55::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_57::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_61::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_63::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_66::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_67::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_70::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_71::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_73::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_74::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_77::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_79::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_83::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_03::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_04::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_05::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_06::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_07::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_15::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_08::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_14::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_11::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_17::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_12::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_09::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_16::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_10::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_21::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_20::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_27::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_26::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_25::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_24::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_23::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_18::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_28::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_33::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_34::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_35::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_36::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_32::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_37::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_31::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_30::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_29::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_40::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_41::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_42::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_43::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_44::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_38::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_45::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_46::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_48::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_55::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_54::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_50::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_57::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_49::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_56::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_52::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_51::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_53::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_67::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_66::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_59::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_65::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_58::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_61::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_63::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_60::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_62::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_71::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_68::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_72::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_77::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_70::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_74::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_73::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_76::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_69::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_75::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_78::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_84::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_83::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_79::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_85::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_80::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_82::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_81::sparc:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.9:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_80::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_40::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_104::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_104::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_105::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_105::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_92::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_106::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_106::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_107::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_107::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_108::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_109::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_110::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_108::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_109::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_110::x86:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.33:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.35:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_111::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_111::x86:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.27:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_112::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_113::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_112::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_113::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_114::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_114::x86:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_116::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_116::x86:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_117::sparc:*:*:*:*:* OR cpe:/o:sun:opensolaris:build_snv_117::x86:*:*:*:*:* AND cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:* OR cpe:/o:sun:solaris:9::x86:*:*:*:*:* OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:* OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:* OR cpe:/o:sun:solaris:10::x86:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:x86_64:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* OR cpe:/a:redhat:rhel_developer_suite:3:*:*:*:*:*:*:* OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:* OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:* OR cpe:/a:ibm:tivoli_netcool_webtop:2.1.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* OR cpe:/o:canonical:ubuntu:8.10:*:*:*:*:*:*:* OR cpe:/a:fujitsu:interstage_apworks:6.0:*:*:*:*:*:*:* OR cpe:/a:fujitsu:interstage_studio:10.0.0:*:*:*:*:*:*:* OR cpe:/a:fujitsu:interstage_job_workload_server:8.1.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:* Oval Definitions Definition ID Class Title Last Modified oval:org.opensuse.security:def:20090580 V CVE-2009-0580 2022-05-20 oval:org.opensuse.security:def:26227 P Security update for the Linux Kernel (Important) 2022-01-13 oval:org.opensuse.security:def:31756 P Security update for apache2 (Important) 2022-01-12 oval:org.opensuse.security:def:32290 P Security update for apache2 (Important) 2022-01-12 oval:org.opensuse.security:def:42242 P Security update for the Linux Kernel (Important) 2021-12-06 oval:org.opensuse.security:def:32229 P Security update for ruby2.1 (Important) 2021-12-01 oval:org.opensuse.security:def:26174 P Security update for openexr (Moderate) 2021-12-01 oval:org.opensuse.security:def:31314 P Security update for xen (Moderate) 2021-12-01 oval:org.opensuse.security:def:32232 P Security update for webkit2gtk3 (Important) 2021-12-01 oval:org.opensuse.security:def:31303 P Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important) 2021-11-19 oval:org.opensuse.security:def:31302 P Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) 2021-11-19 oval:org.opensuse.security:def:26161 P Security update for samba (Important) 2021-11-10 oval:org.opensuse.security:def:33011 P Security update for hivex (Moderate) 2021-09-23 oval:org.opensuse.security:def:26117 P Security update for xen (Important) 2021-09-02 oval:org.opensuse.security:def:32180 P Security update for file (Important) 2021-09-02 oval:org.opensuse.security:def:31669 P Security update for cpio (Important) 2021-08-23 oval:org.opensuse.security:def:26103 P Security update for the Linux Kernel (Important) 2021-08-10 oval:org.opensuse.security:def:32972 P Security update for webkit2gtk3 (Important) 2021-08-03 oval:org.opensuse.security:def:32145 P Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important) 2021-07-21 oval:org.opensuse.security:def:32124 P Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important) 2021-06-18 oval:org.opensuse.security:def:32122 P Security update for apache2 (Important) 2021-06-17 oval:org.opensuse.security:def:42719 P tomcat6-6.0.41-0.43.1 on GA media (Moderate) 2021-06-08 oval:org.opensuse.security:def:36312 P tomcat6-6.0.41-0.43.1 on GA media (Moderate) 2021-06-08 oval:org.opensuse.security:def:26065 P Security update for polkit (Important) 2021-06-03 oval:org.opensuse.security:def:26064 P Security update for libwebp (Critical) 2021-06-02 oval:org.opensuse.security:def:32088 P Security update for bind (Important) 2021-05-04 oval:org.opensuse.security:def:32078 P Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important) 2021-04-28 oval:org.opensuse.security:def:31612 P Security update for gdm (Important) 2021-04-28 oval:org.opensuse.security:def:32268 P Security update for openldap2 (Important) 2021-03-03 oval:org.opensuse.security:def:26203 P Security update for openldap2 (Important) 2021-03-03 oval:org.opensuse.security:def:31732 P Security update for krb5-appl (Important) 2021-02-19 oval:org.opensuse.security:def:26146 P Security update for python3 (Important) 2021-02-08 oval:org.opensuse.security:def:35835 P tomcat6-6.0.18-20.35.36.1 on GA media (Moderate) 2020-12-03 oval:org.opensuse.security:def:42455 P tomcat6-6.0.18-20.35.40.1 on GA media (Moderate) 2020-12-03 oval:org.opensuse.security:def:36048 P tomcat6-6.0.18-20.35.40.1 on GA media (Moderate) 2020-12-03 oval:org.opensuse.security:def:25397 P Security update for java-1_7_0-openjdk (Important) 2020-12-01 oval:org.opensuse.security:def:26287 P Security update for zeromq (Moderate) 2020-12-01 oval:org.opensuse.security:def:32554 P libltdl7 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31778 P Security update for MozillaFirefox (Important) 2020-12-01 oval:org.opensuse.security:def:25939 P Security update for gstreamer-0_10-plugins-base (Moderate) 2020-12-01 oval:org.opensuse.security:def:25670 P Security update for ucode-intel (Moderate) 2020-12-01 oval:org.opensuse.security:def:32017 P Security update for the Linux Kernel (Important) 2020-12-01 oval:org.opensuse.security:def:33275 P tomcat6 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31864 P Security update for curl (Moderate) 2020-12-01 oval:org.opensuse.security:def:31526 P Security update for rsyslog (Moderate) 2020-12-01 oval:org.opensuse.security:def:25962 P Security update for mariadb (Important) 2020-12-01 oval:org.opensuse.security:def:26593 P libnetpbm10 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25861 P Security update for the Linux Kernel (Important) 2020-12-01 oval:org.opensuse.security:def:31824 P Security update for bash (Low) 2020-12-01 oval:org.opensuse.security:def:26315 P Security update for MozillaThunderbird (Moderate) 2020-12-01 oval:org.opensuse.security:def:31520 P Security update for rpcbind (Moderate) 2020-12-01 oval:org.opensuse.security:def:27310 P tomcat6 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25937 P Security update for the Linux Kernel (Important) 2020-12-01 oval:org.opensuse.security:def:27011 P perl-32bit on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25609 P Security update for sysstat (Moderate) 2020-12-01 oval:org.opensuse.security:def:25386 P Security update for the Linux Kernel (Important) 2020-12-01 oval:org.opensuse.security:def:32532 P java-1_4_2-ibm on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25882 P Security update for python-tornado (Moderate) 2020-12-01 oval:org.opensuse.security:def:25589 P Security update for zabbix (Moderate) 2020-12-01 oval:org.opensuse.security:def:26491 P Security update for nextcloud (Moderate) 2020-12-01 oval:org.opensuse.security:def:33236 P ppc64-diag on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31790 P Security update for MozillaFirefox (Moderate) 2020-12-01 oval:org.opensuse.security:def:32334 P Security update for samba (Important) 2020-12-01 oval:org.opensuse.security:def:31515 P Security update for quagga (Low) 2020-12-01 oval:org.opensuse.security:def:25811 P Security update for libvirt (Moderate) 2020-12-01 oval:org.opensuse.security:def:26579 P libMagickCore1-32bit on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:26276 P Security update for python (Moderate) 2020-12-01 oval:org.opensuse.security:def:32799 P tomcat6 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31388 P Security update for openwsman (Important) 2020-12-01 oval:org.opensuse.security:def:32388 P Security update for tomcat6 (Important) 2020-12-01 oval:org.opensuse.security:def:27275 P pure-ftpd on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25873 P Security update for libcares2 (Low) 2020-12-01 oval:org.opensuse.security:def:31968 P Security update for ipmitool (Important) 2020-12-01 oval:org.opensuse.security:def:26373 P Security update for ffmpeg (Moderate) 2020-12-01 oval:org.opensuse.security:def:25598 P Security update for curl (Moderate) 2020-12-01 oval:org.opensuse.security:def:25385 P Security update for MozillaFirefox (Moderate) 2020-12-01 oval:org.opensuse.security:def:32493 P bzip2 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25801 P Security update for libvdpau (Moderate) 2020-12-01 oval:org.opensuse.security:def:26834 P tomcat6 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25461 P Security update for cpio (Moderate) 2020-12-01 oval:org.opensuse.security:def:26438 P Security update for ansible (Moderate) 2020-12-01 oval:org.opensuse.security:def:32598 P python on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31779 P Security update for MozillaFirefox (Important) 2020-12-01 oval:org.opensuse.security:def:26023 P Security update for evince (Important) 2020-12-01 oval:org.opensuse.security:def:31514 P Security update for quagga (Moderate) 2020-12-01 oval:org.opensuse.security:def:25727 P Security update for libzypp (Moderate) 2020-12-01 oval:org.opensuse.security:def:32056 P Security update for kvm (Important) 2020-12-01 oval:org.opensuse.security:def:31996 P Security update for java-1_7_1-ibm (Moderate) 2020-12-01 oval:org.opensuse.security:def:26540 P enscript on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:31600 P Security update for tightvnc (Important) 2020-12-01 oval:org.opensuse.security:def:26015 P Security update for libplist (Moderate) 2020-12-01 oval:org.opensuse.security:def:32760 P opie on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:26637 P ruby on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25862 P Recommended update for mariadb (Important) 2020-12-01 oval:org.opensuse.security:def:31881 P Security update for dnsmasq (Important) 2020-12-01 oval:org.opensuse.security:def:26329 P Security update for znc (Low) 2020-12-01 oval:org.opensuse.security:def:25597 P Security update for squid (Critical) 2020-12-01 oval:org.opensuse.security:def:32444 P Security update for xen (Important) 2020-12-01 oval:org.opensuse.security:def:27046 P tomcat6 on GA media (Moderate) 2020-12-01 oval:org.opensuse.security:def:25673 P Security update for openldap2 (Important) 2020-12-01 oval:org.opensuse.security:def:31912 P Security update for gcc43 (Moderate) 2020-12-01 oval:org.opensuse.security:def:26799 P pam_mount on GA media (Moderate) 2020-12-01 oval:org.mitre.oval:def:29179 P RHSA-2009:1164 -- tomcat security update (Important) 2015-08-17 oval:org.mitre.oval:def:6628 V HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access 2015-04-20 oval:org.mitre.oval:def:18915 V HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities 2015-04-20 oval:org.mitre.oval:def:13787 P USN-788-1 -- tomcat6 vulnerabilities 2014-06-30 oval:org.mitre.oval:def:12963 P DSA-2207-1 tomcat5.5 -- several 2014-06-23 oval:org.mitre.oval:def:22721 P ELSA-2009:1164: tomcat security update (Important) 2014-05-26 oval:org.mitre.oval:def:9101 V Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter. 2013-04-29 oval:com.redhat.rhsa:def:20091164 P RHSA-2009:1164: tomcat security update (Important) 2009-07-21
BACK
apache tomcat 4.1.10
apache tomcat 4.1.0
apache tomcat 5.5.4
apache tomcat 5.0.19
apache tomcat 4.1.24
apache tomcat 5.0.28
apache tomcat 5.5.12
apache tomcat 5.5.9
apache tomcat 5.5.7
apache tomcat 4.1.34
apache tomcat 5.5.20
apache tomcat 5.0.25
apache tomcat 5.5.17
apache tomcat 5.0.0
apache tomcat 4.1.1
apache tomcat 4.1.12
apache tomcat 4.1.15
apache tomcat 4.1.2
apache tomcat 4.1.28
apache tomcat 4.1.3
apache tomcat 4.1.3 beta
apache tomcat 4.1.31
apache tomcat 4.1.36
apache tomcat 4.1.9 beta
apache tomcat 5.0.1
apache tomcat 5.0.10
apache tomcat 5.0.11
apache tomcat 5.0.12
apache tomcat 5.0.13
apache tomcat 5.0.14
apache tomcat 5.0.15
apache tomcat 5.0.16
apache tomcat 5.0.17
apache tomcat 5.0.18
apache tomcat 5.0.2
apache tomcat 5.0.21
apache tomcat 5.0.22
apache tomcat 5.0.23
apache tomcat 5.0.24
apache tomcat 5.0.26
apache tomcat 5.0.27
apache tomcat 5.0.29
apache tomcat 5.0.3
apache tomcat 5.0.30
apache tomcat 5.0.4
apache tomcat 5.0.5
apache tomcat 5.0.6
apache tomcat 5.0.7
apache tomcat 5.0.8
apache tomcat 5.0.9
apache tomcat 5.5.0
apache tomcat 5.5.1
apache tomcat 5.5.10
apache tomcat 5.5.11
apache tomcat 5.5.13
apache tomcat 5.5.14
apache tomcat 5.5.15
apache tomcat 5.5.16
apache tomcat 5.5.18
apache tomcat 5.5.19
apache tomcat 5.5.2
apache tomcat 5.5.21
apache tomcat 5.5.22
apache tomcat 5.5.23
apache tomcat 5.5.24
apache tomcat 5.5.25
apache tomcat 5.5.3
apache tomcat 5.5.5
apache tomcat 5.5.6
apache tomcat 5.5.8
apache tomcat 6.0
apache tomcat 6.0.0
apache tomcat 6.0.1
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.14
apache tomcat 6.0.15
redhat certificate system 7.3
apache tomcat 5.5.26
apache tomcat 6.0.16
apache tomcat 4.1.32
apache tomcat 4.1.37
sun opensolaris build_snv_89
sun opensolaris build_snv_89
sun opensolaris build_snv_95
sun opensolaris build_snv_95
apache tomcat 4.1.18
apache tomcat 4.1.19
apache tomcat 4.1.20
apache tomcat 4.1.21
apache tomcat 4.1.22
apache tomcat 4.1.23
apache tomcat 4.1.26
apache tomcat 4.1.27
apache tomcat 4.1.29
apache tomcat 4.1.30
sun opensolaris build_snv_01
sun opensolaris build_snv_02
sun opensolaris build_snv_13
sun opensolaris build_snv_19
sun opensolaris build_snv_22
sun opensolaris build_snv_39
sun opensolaris build_snv_47
sun opensolaris build_snv_64
sun opensolaris build_snv_79b
sun opensolaris build_snv_88
sun opensolaris build_snv_01
sun opensolaris build_snv_02
sun opensolaris build_snv_13
sun opensolaris build_snv_19
sun opensolaris build_snv_22
sun opensolaris build_snv_39
sun opensolaris build_snv_47
sun opensolaris build_snv_64
sun opensolaris build_snv_79b
sun opensolaris build_snv_88
sun opensolaris build_snv_03
sun opensolaris build_snv_04
sun opensolaris build_snv_05
sun opensolaris build_snv_06
sun opensolaris build_snv_07
sun opensolaris build_snv_08
sun opensolaris build_snv_09
sun opensolaris build_snv_10
sun opensolaris build_snv_11
sun opensolaris build_snv_12
sun opensolaris build_snv_14
sun opensolaris build_snv_15
sun opensolaris build_snv_16
sun opensolaris build_snv_18
sun opensolaris build_snv_20
sun opensolaris build_snv_21
sun opensolaris build_snv_24
sun opensolaris build_snv_25
sun opensolaris build_snv_26
sun opensolaris build_snv_27
sun opensolaris build_snv_28
sun opensolaris build_snv_29
sun opensolaris build_snv_31
sun opensolaris build_snv_32
sun opensolaris build_snv_33
sun opensolaris build_snv_34
sun opensolaris build_snv_35
sun opensolaris build_snv_37
sun opensolaris build_snv_41
sun opensolaris build_snv_43
sun opensolaris build_snv_44
sun opensolaris build_snv_45
sun opensolaris build_snv_48
sun opensolaris build_snv_50
sun opensolaris build_snv_53
sun opensolaris build_snv_54
sun opensolaris build_snv_56
sun opensolaris build_snv_58
sun opensolaris build_snv_59
sun opensolaris build_snv_60
sun opensolaris build_snv_62
sun opensolaris build_snv_65
sun opensolaris build_snv_68
sun opensolaris build_snv_69
sun opensolaris build_snv_72
sun opensolaris build_snv_75
sun opensolaris build_snv_76
sun opensolaris build_snv_78
sun opensolaris build_snv_81
sun opensolaris build_snv_82
sun opensolaris build_snv_84
sun opensolaris build_snv_85
sun opensolaris build_snv_87
sun opensolaris build_snv_86
sun opensolaris build_snv_17
sun opensolaris build_snv_23
sun opensolaris build_snv_30
sun opensolaris build_snv_36
sun opensolaris build_snv_38
sun opensolaris build_snv_42
sun opensolaris build_snv_46
sun opensolaris build_snv_49
sun opensolaris build_snv_51
sun opensolaris build_snv_52
sun opensolaris build_snv_55
sun opensolaris build_snv_57
sun opensolaris build_snv_61
sun opensolaris build_snv_63
sun opensolaris build_snv_66
sun opensolaris build_snv_67
sun opensolaris build_snv_70
sun opensolaris build_snv_71
sun opensolaris build_snv_73
sun opensolaris build_snv_74
sun opensolaris build_snv_77
sun opensolaris build_snv_79
sun opensolaris build_snv_83
sun opensolaris build_snv_03
sun opensolaris build_snv_04
sun opensolaris build_snv_05
sun opensolaris build_snv_06
sun opensolaris build_snv_07
sun opensolaris build_snv_15
sun opensolaris build_snv_08
sun opensolaris build_snv_14
sun opensolaris build_snv_11
sun opensolaris build_snv_17
sun opensolaris build_snv_12
sun opensolaris build_snv_09
sun opensolaris build_snv_16
sun opensolaris build_snv_10
sun opensolaris build_snv_21
sun opensolaris build_snv_20
sun opensolaris build_snv_27
sun opensolaris build_snv_26
sun opensolaris build_snv_25
sun opensolaris build_snv_24
sun opensolaris build_snv_23
sun opensolaris build_snv_18
sun opensolaris build_snv_28
sun opensolaris build_snv_33
sun opensolaris build_snv_34
sun opensolaris build_snv_35
sun opensolaris build_snv_36
sun opensolaris build_snv_32
sun opensolaris build_snv_37
sun opensolaris build_snv_31
sun opensolaris build_snv_30
sun opensolaris build_snv_29
sun opensolaris build_snv_40
sun opensolaris build_snv_41
sun opensolaris build_snv_42
sun opensolaris build_snv_43
sun opensolaris build_snv_44
sun opensolaris build_snv_38
sun opensolaris build_snv_45
sun opensolaris build_snv_46
sun opensolaris build_snv_48
sun opensolaris build_snv_55
sun opensolaris build_snv_54
sun opensolaris build_snv_50
sun opensolaris build_snv_57
sun opensolaris build_snv_49
sun opensolaris build_snv_56
sun opensolaris build_snv_52
sun opensolaris build_snv_51
sun opensolaris build_snv_53
sun opensolaris build_snv_67
sun opensolaris build_snv_66
sun opensolaris build_snv_59
sun opensolaris build_snv_65
sun opensolaris build_snv_58
sun opensolaris build_snv_61
sun opensolaris build_snv_63
sun opensolaris build_snv_60
sun opensolaris build_snv_62
sun opensolaris build_snv_71
sun opensolaris build_snv_68
sun opensolaris build_snv_72
sun opensolaris build_snv_77
sun opensolaris build_snv_70
sun opensolaris build_snv_74
sun opensolaris build_snv_73
sun opensolaris build_snv_76
sun opensolaris build_snv_69
sun opensolaris build_snv_75
sun opensolaris build_snv_78
sun opensolaris build_snv_84
sun opensolaris build_snv_83
sun opensolaris build_snv_79
sun opensolaris build_snv_86
sun opensolaris build_snv_85
sun opensolaris build_snv_87
sun opensolaris build_snv_80
sun opensolaris build_snv_82
sun opensolaris build_snv_81
apache tomcat 4.1.11
apache tomcat 4.1.16
apache tomcat 4.1.14
apache tomcat 4.1.13
apache tomcat 4.1.25
apache tomcat 4.1.17
apache tomcat 4.1.4
apache tomcat 4.1.5
apache tomcat 4.1.6
apache tomcat 4.1.7
apache tomcat 4.1.8
apache tomcat 4.1.9
sun opensolaris build_snv_100
sun opensolaris build_snv_100
sun opensolaris build_snv_102
sun opensolaris build_snv_102
sun opensolaris build_snv_80
sun opensolaris build_snv_91
sun opensolaris build_snv_91
sun opensolaris build_snv_90
sun opensolaris build_snv_90
sun opensolaris build_snv_40
sun opensolaris build_snv_104
sun opensolaris build_snv_104
sun opensolaris build_snv_101
sun opensolaris build_snv_101
sun opensolaris build_snv_105
sun opensolaris build_snv_105
sun opensolaris build_snv_92
sun opensolaris build_snv_92
sun opensolaris build_snv_93
sun opensolaris build_snv_94
sun opensolaris build_snv_99
sun opensolaris build_snv_98
sun opensolaris build_snv_97
sun opensolaris build_snv_96
sun opensolaris build_snv_94
sun opensolaris build_snv_93
sun opensolaris build_snv_99
sun opensolaris build_snv_97
sun opensolaris build_snv_98
sun opensolaris build_snv_96
sun opensolaris build_snv_103
sun opensolaris build_snv_103
sun opensolaris build_snv_106
sun opensolaris build_snv_106
sun opensolaris build_snv_107
sun opensolaris build_snv_107
sun opensolaris build_snv_108
sun opensolaris build_snv_109
sun opensolaris build_snv_110
sun opensolaris build_snv_108
sun opensolaris build_snv_109
sun opensolaris build_snv_110
apache tomcat 4.1.33
apache tomcat 4.1.35
sun opensolaris build_snv_111
sun opensolaris build_snv_111
apache tomcat 5.5.27
sun opensolaris build_snv_112
sun opensolaris build_snv_113
sun opensolaris build_snv_112
sun opensolaris build_snv_113
sun opensolaris build_snv_114
sun opensolaris build_snv_114
apache tomcat 6.0.18
sun opensolaris build_snv_116
sun opensolaris build_snv_116
sun opensolaris build_snv_117
sun opensolaris build_snv_117
hp hp-ux b.11.11
sun solaris 9
hp hp-ux b.11.23
sun solaris 10
sun solaris 10
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0 x86_64
hp hp-ux b.11.31
redhat enterprise linux 5
redhat rhel developer suite 3
redhat rhel application server 2
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2008.1 x86_64
mandrakesoft mandrake linux 2008.1
sun solaris 9
ibm tivoli netcool webtop 2.1.0
mandriva linux 2009.0
mandriva linux 2009.0 -
canonical ubuntu 8.10
fujitsu interstage apworks 6.0
fujitsu interstage studio 10.0.0
fujitsu interstage job workload server 8.1.1
mandriva linux 2009.1
mandriva linux 2009.1
apple mac os x server 10.5.8
apple mac os x server 10.6
apple mac os x server 10.6.1
apple mac os x server 10.6.2
ibm rational quality manager 2.0
ibm tivoli application dependency discovery manager 7.3.0.0
Denotes that component is vulnerable