The remote SuSE 10 host is missing a security-related patch.
This update of tomcat fixes several vulnerabilities : - RequestDispatcher usage can lead to information leakage. (CVE-2008-5515) - denial of service via AJP connection. (CVE-2009-0033) - some authentication classes allow user enumeration. (CVE-2009-0580) - XSS bug in example application cal2.jsp. (CVE-2009-0781) - replacing XML parser leads to information leakage Additionally, non-security bugs were fixed. (CVE-2009-0783)