Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

CVE-2007-5342 (Tomcat)
BugsAlert Home > CVE-2007-5342 (Tomcat)
 
 

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5342

Learn more about CVE-2007-5342 (Tomcat)
 
Tags: cve-2007-5342 tomcat

Related Items
      WORM_OTORUN.C

      FrSIRT - Mandriva Security Update Fixes Mozilla Code Execution Vulnerabilities

      CVE-2008-3291 (aproxengine, aprox_cms_engine)

      No-IP DUC <= 2.1.7 Remote Code Execution Exploit

      Adobe Acrobat Affected by Vulnerabilities

      CVE-2008-1765 (Photoshop)

      Fedora Security Update Fixes Mozilla Firefox Multiple Vulnerabilities

 
© 2007-2009 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel