RESELLER | LOGIN
← Volte para a página principal
N-Stalker Latest Updates

Apache Tomcat vulnerabilities and new updates

By N-Stalker Team on April 9, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous version.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • Unauthorized access to JBoss application server management functionality
  • Apache Tomcat Mod_JK.SO 1.2.20 Arbitrary Code Execution Vulnerability
  • Apache Tomcat Mod_JK.SO 1.2.20 Arbitrary Code Execution Vulnerability
  • Apache HTTP Server Tomcat 6.0.9/5.5.22 Directory Traversal Vulnerability
  • Mod_Perl 1.29/2.0.3 Path_Info Remote Denial Of Service Vulnerability
  • PHPList 2.10.1 Public Pages MultipleCross-Site Scripting Vulnerabilities
  • SH-News Report.PHP 3.1 Remote File Include Vulnerability
  • SH-News News.PHP 3.1 Remote File Include Vulnerability
  • SH-News Init.PHP 3.1 Remote File Include Vulnerability
  • SH-News Comments.PHP 3.1 Remote File Include Vulnerability
  • SH-News Archive.PHP 3.1 Remote File Include Vulnerability
  • CommunityPortals 1.0 Bug.PHP Remote File Include Vulnerability
  • N@Board 3.1.9e Naboard_PNR.PHP Remote File Include Vulnerability
  • VTiger CRM 4.2.4 Update.PHP Remote File Include Vulnerability
  • VTiger CRM 4.2.4 Calendar.PHP Remote File Include Vulnerability
  • VTiger CRM 4.2.4 Scheme.PHP Remote File Include Vulnerability
  • Noah\’s Classifieds 1.3 Index.PHP Cross-Site Scripting Vulnerability
  • Digishop 4.0 Cart.PHP Cross-Site Scripting Vulnerability
  • FOAFgen 0.3 Redir.PHP Local File Include Vulnerability
  • PhpMyAgenda 3.1 Language Local File Include Vulnerability
  • Tagit2b 2.1 DelTagUser.PHP Remote File Include Vulnerability
  • Jinzora 2.1 Media.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 GoogleSearch.PHP Remote File Include Vulnerability
  • PHPLibre Tribuna Libre 3.12 Ftag.PHP Remote File Include Vulnerability
  • Leicestershire Community Portals 1.0 Cp_Root_Path Remote File Include Vulnerability
  • Exhibit Engine 1.54 Photo_Comment.PHP Remote File Include Vulnerability
  • Claroline 1.8 Import.lib.PHP Remote File Include Vulnerability
  • Album Photo Sans Nom 1.6 Getimg.PHP Local File Include Vulnerability
  • Softerra PHP Developer Library 1.5.3 Grid3.lib.PHP Remote File Include Vulnerabilities
  • 4Images 1.7.3 Search.PHP SQL Injection Vulnerability
  • Compteur 2 Param_Editor.PHP Remote File Include Vulnerability
  • RegistroTL 0.5b Main.PHP Remote File Include Vulnerability
  • Goss ICM CMS Multiple HTML Injection Vulnerabilities
  • Jasmine-Web Index.PHP Remote File Include Vulnerability
  • Eboli Index.PHP Remote File Include Vulnerability
  • Polaring 00.04.03 General.PHP Remote File Include Vulnerability
  • Webmedia Explorer 2.8.7 Core.Lib.PHP Remote File Include Vulnerability
  • Moodle 1.6.2 Blog Module SQL Injection Vulnerability
  • EXPBlog 0.3.5 Details.PHP Cross-Site Scripting Vulnerability
  • Cahier De Textes 2.0 Lire.PHP SQL Injection Vulnerability
  • Cahier De Textes 2.0 Lire_A_Faire.PHP SQL Injection Vulnerability
  • Easy Blog 1.4 Find.PHP Remote File Include Vulnerability
  • Easy Blog 1.4 File.PHP Remote File Include Vulnerability
  • Easy Blog 1.4 Comment.PHP Remote File Include Vulnerability
  • Easy Blog 1.4 Find_File.PHP Remote File Include Vulnerability
  • Dokeos 1.6.4 Testheaderpage.PHP Remote File Includes Vulnerability
  • Dokeos 1.6.4 Resourcelinker.Inc.PHP Remote File Includes Vulnerability
  • Dokeos 1.6.4 UserLog.PHP Remote File Includes Vulnerability
  • MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
  • Deep CMS 2.0a Index.PHP Remote File Include Vulnerability
  • Ciamos CMS 0.9.6b Config.PHP Remote File Include Vulnerability
  • PHP Polling Creator 1.03 Functions.Inc.PHP Remote File Include Vulnerability
  • Nivisec User Viewed Posts Tracker 1.0 PHP_Root_Path Parameter Remote File Include Vulnerability
  • Interspire FastFind Index.PHP Cross-Site Scripting Vulnerability
  • AckerTodo 4.2 Login.PHP Multiple SQL Injection Vulnerabilities
  • PHPMyNews 1.4 Index.PHP Remote File Include Vulnerability
  • PHPMyNews 1.4 Disp_Form.PHP Remote File Include Vulnerability
  • PHPMyNews 1.4 Little_News.PHP Remote File Include Vulnerability
  • PHPMyNews 1.4 Disp_Smileys.PHP Remote File Include Vulnerability
  • FreeForum 0.9.7 FPath Variable Remote File Include Vulnerability
  • Emek Portal 2.1 Uyegiris.ASP SQL Injection Vulnerability
  • TorrentFlux 2.1 Admin.PHP Cross-Site Scripting Vulnerability
  • PHP Classifieds 7.1 CatID Parameter SQL Injection Vulnerability
  • Nivisec Static Topics 1.0 Module Functions_Static_Topics.PHP Remote File Include Vulnerability
  • Civica Display.ASP SQL Injection Vulnerability
  • osCommerce Banner_Manager.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Zones.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Banner_Statistics.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Countries.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Currencies.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Languages.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Manufacturers.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Newsletters.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Orders_Status.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Products_Attributes.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Products_Expected.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Reviews.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Specials.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Stats_Products_Purchased.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Stats_Products_Viewed.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Tax_Classes.PHP 2.2 Cross-Site Scripting Vulnerability
  • osCommerce Tax_Rates.PHP 2.2 Cross-Site Scripting Vulnerability
  • PHPGreetz 0.99 Footer.PHP Remote File Include Vulnerability
  • Yener Haber Script 2.0 SQL Injection Vulnerability
  • Invision Gallery 2.0.7 Index.PHP Directory Traversal Vulnerability
  • Travelsized CMS 0.4 Frontpage.PHP Remote File Include Vulnerability
  • JAF CMS 4.0 Main.PHP Remote File Include Vulnerability
  • JAF CMS 4.0 Headlines.PHP Remote File Include Vulnerability
  • Newswriter 1.40 Editfunc.inc.PHP Remote File Include Vulnerabilities
  • Invision Gallery 2.0.7 Index.PHP SQL Injection Vulnerability
  • Klinza Professional CMS 5.0.1 Show_Hlp.PHP Remote File Include Vulnerability
  • PHPMyProfiler 0.9.6 Functions.PHP Remote File Include Vulnerability
  • JAF CMS 4.0 Forum.PHP Remote File Include Vulnerability
  • AllMyGuests 0.4.1 SignIn.PHP Remote File Include Vulnerability
  • Net2FTP 0.93 Index.PHP Cross-Site Scripting Vulnerability
  • OpenBiblio 0.5.1 Header.PHP Remote File Include Vulnerability
  • OpenBiblio 0.5.1 Help.PHP Remote File Include Vulnerability
  • DeluxeBB 1.09 Sig.PHP Remote File Include Vulnerability
  • BBaCE 3.5 Functions.PHP Remote File Include Vulnerability
  • Forum82 2.5.2 Search.PHP Remote File Include Vulnerability
  • Forum82 2.5.2 Message.PHP Remote File Include Vulnerability
  • Forum82 2.5.2 Search.PHP Remote File Include Vulnerability
  • Forum82 2.5.2 Lostpassword.PHP Remote File Include Vulnerability
  • Forum82 2.5.2 Member.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Message-Read.PHP Remote File Include Vulnerability
  • vulnSig_title
  • BasiliX 1.1.1 Compose-New.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Compose-Attach.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Folder-Create.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Mbox-Action.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Folders.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Login.PHP Remote File Include Vulnerability
  • BasiliX 1.1.1 Settings.PHP Remote File Include Vulnerability
  • PHP Web Scripts Easy Banner Functions.PHP Remote File Include Vulnerability
  • VAMP Webmail 2.0 Yesno.PHTML Remote File Include Vulnerability

This entry was posted in N-Stalker Latest Updates. Bookmark the permalink.
Products
About N-Stalker
Contact

Rua Monte Alegre, 61 - cj 81
Sao Paulo, BRA, 05014-000
BRA Phone: +55-11-3868-1997
Contact us