This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
- Cross-site scripting (XSS) vulnerability in example JSP
- Handling of cookies containing a ' character.
- Handling of \' in cookies. (CVE-2007-3385)
- tomcat path traversal / information leak.
- directory traversal. (CVE-2007-1860)
- tomcat https information disclosure. (CVE-2008-0128)
- tomcat HTTP Request Smuggling. (CVE-2005-2090)
See also :
Apply ZYPP patch number 4990.
Risk factor :
Medium / CVSS Base Score : 6.8
Public Exploit Available : true
Family: SuSE Local Security Checks
Nessus Plugin ID: 31298 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now