Back to search
CVE-2010-1157
Published: Apr 23, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20100421 [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
mailing-list
x_refsource_BUGTRAQ
DSA-2207
vendor-advisory
x_refsource_DEBIAN
http://svn.apache.org/viewvc?view=revision&revision=936540
x_refsource_CONFIRM
HPSBUX02860
vendor-advisory
x_refsource_HP
MDVSA-2010:177
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-3056
vdb-entry
x_refsource_VUPEN
43310
third-party-advisory
x_refsource_SECUNIA
39574
third-party-advisory
x_refsource_SECUNIA
HPSBOV02762
vendor-advisory
x_refsource_HP
APPLE-SA-2011-10-12-3
vendor-advisory
x_refsource_APPLE
MDVSA-2010:176
vendor-advisory
x_refsource_MANDRIVA
42368
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0897
vendor-advisory
x_refsource_REDHAT
ADV-2010-0980
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:19492
vdb-entry
signature
x_refsource_OVAL
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
57126
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
x_refsource_CONFIRM
http://svn.apache.org/viewvc?view=revision&revision=936541
x_refsource_CONFIRM
SUSE-SR:2010:017
vendor-advisory
x_refsource_SUSE
SSRT100825
vendor-advisory
x_refsource_HP
39635
vdb-entry
x_refsource_BID
RHSA-2011:0896
vendor-advisory
x_refsource_REDHAT
http://tomcat.apache.org/security-5.html
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
HPSBUX02579
vendor-advisory
x_refsource_HP
http://support.apple.com/kb/HT5002
x_refsource_CONFIRM
SSRT101146
vendor-advisory
x_refsource_HP
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
mailing-list
x_refsource_BUGTRAQ
SSRT100203
vendor-advisory
x_refsource_HP
HPSBST02955
vendor-advisory
x_refsource_HP
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now