|Apache Tomcat... - VULHUB开源网络安全威胁库

Apache Tomcat...

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

BUGTRAQ ID: 31698 CVE ID：CVE-2008-3271 CNCVE ID：CNCVE-20083271 Apache Tomcat是一款流行的开放源码的JSP应用服务器程序。 Apache Tomcat处理'RemoteFilterValve'扩展存在安全绕过问题，远程攻击者可以利用漏洞绕过访问限制，获得敏感信息。在使用RemoteAddrValve允许部分地址访问引擎时： <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="a.b.c.d"/> 由于在检查IP地址时存在同步问题，允许来自非允许IP地址的用户对RemoteFilterValve延伸的保护内容进行访问。 FUJITSU Interstage产品目前受此漏洞影响。 Fujitsu INTERSTAGE Studio Standard-J Edition 9.0 Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1 Fujitsu INTERSTAGE Studio Enterprise Edition 9.0 Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1 Fujitsu INTERSTAGE Job Workload Server 8.1 Fujitsu INTERSTAGE Business Application Server Enterprise 8.0.0 Fujitsu INTERSTAGE Apworks Modelers-J Edition 7.0 Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0A Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0 Fujitsu INTERSTAGE Application Server Standard-J Edition 9.1 Fujitsu INTERSTAGE Application Server Standard-J Edition 9.0 A Fujitsu INTERSTAGE Application Server Standard-J Edition 9.0 Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.2 Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0 Fujitsu iNTERSTAGE Application Server Standard Edition 7.0 Fujitsu INTERSTAGE Application Server Plus Developer 7.0 Fujitsu INTERSTAGE Application Server Plus Developer 6.0 Fujitsu Interstage Application Server Plus 7.0.1 Fujitsu Interstage Application Server Plus 7.0 Fujitsu Interstage Application Server Plus 6.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 9.1 Fujitsu INTERSTAGE Application Server Enterprise Edition 9.0 A Fujitsu INTERSTAGE Application Server Enterprise Edition 9.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.3 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.2 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.1 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0.1 Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 6.0 Apache Software Foundation Tomcat 5.0 Apache Software Foundation Tomcat 4.1.31 Apache Software Foundation Tomcat 4.1.30 Apache Software Foundation Tomcat 4.1.29 Apache Software Foundation Tomcat 4.1.28 Apache Software Foundation Tomcat 4.1.24 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 Apache Software Foundation Tomcat 4.1.12 Apache Software Foundation Tomcat 4.1.10 Apache Software Foundation Tomcat 4.1.3 beta Apache Software Foundation Tomcat 4.1.3 Apache Software Foundation Tomcat 4.1 Apache Software Foundation Tomcat 4.1 - BSDI BSD/OS 4.0 - Caldera OpenLinux 2.4 - Conectiva Linux 5.1 - Debian Linux 2.3 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.5 - MandrakeSoft Linux Mandrake 7.1 - MandrakeSoft Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4.1 x86 - RedHat Linux 6.2 i386 - RedHat Linux 6.1 i386 - SGI IRIX 6.5 - SGI IRIX 6.4 - SGI IRIX 3.3 - Sun Solaris 8 - Sun Solaris 7.0 Apache Software Foundation Tomcat 5.0 升级到最新版本： Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.0.1 Apache Software Foundation Tomcat 4.1.32 <a href=http://tomcat.apache.org/ target=_blank>http://tomcat.apache.org/</a>

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

Apache Tomcat...

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单