Vulnerabilities > CVE-2002-0493 - 7PK - Security Features vulnerability in Apache Tomcat
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 15 |
Common Weakness Enumeration (CWE)
References
- http://www.iss.net/security_center/static/9863.php
- http://marc.info/?l=bugtraq&m=101709002410365&w=2
- http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail%40icarus.apache.org%3E
- https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E