‘HP-UX Apache Running Tomcat Servlet Engine Remote Modification and Denial of Service Vulnerabilities’

Summary

Multiple vulnerabilities were identified in HP-UX Apache Running Tomcat Servlet Engine.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02515878


Details

Vulnerable Systems:
 * HP-UX B.11.23 running HP-UX Apache Web Server Suite v3.12 or earlier
 * HP-UX B.11.31 running HP-UX Apache Web Server Suite v3.12 or earlier

Immune Systems:
 * HP-UX Web Server Suite v3.13 or subsequent.

Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to disclose information, perform unauthorized modification, or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite.

CVE Information:
CVE-2010-2227
CVE-2010-1157
CVE-2009-0783
CVE-2009-0781
CVE-2009-0580
CVE-2009-0033
CVE-2008-5515

Disclosure Timeline:
November 2010 – Initial release’

Categories: UNIX