A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / Ushauri wa Usalama / Uwezekano wa Mashambulizi mengi ya TOMCAT

Uwezekano wa Mashambulizi mengi ya TOMCAT

Tarehe ya Toleo la Kwanza: 31-5-2014

Chanzo: US-CERT/NIST

Mfumo Ulioathiriwa:

1: Tomcat kabla ya toleo 6.0.40
2: Tomcat 7.x kabla ya toleo 7.0.54
3: Tomcat 8.x kabla ya toleo 8.0.6

Maelezo: java/org/apache/catalina/servlets/DefaultServlet.java  haizuii kurasa za mtindo za XSLT, inayoruhusu washambulizi wa mbali kukwepa vizuizi vya meneja usalama na kusoma mafaili kiholela kupitia program ya mtandao  iliyojitengeneza  kijanja.

Athari

Mashambulizi yanaweza kusababisha utoaji taarifa usioruhusiwa.

Utatuzi: Kuhuisha
1: Matoleo ya TOMCAT ya zamani kuliko 6.0.40 tafadhali tembelea http://tomcat.apache.org/security-6.html kwa taarifa mpya.

Marejeo:
http://tomcat.apache.org/
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0119

 

Best free WordPress theme

Check Also

Uwezekano wa Mashambulizi kwa Kuingiza FrontAccounting Multiple SQL

TZCERT-2014-04: Tahadhari ya Kushambuliwa Uwezekano wa Mashambulizi kwa Kuingiza amri za SQL kwenye Programu tumizi …

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response © Hakimiliki 2024, Haki zote zimehifadhiwa.