Red Hat Bugzilla – Bug 432327
CVE-2008-0002 Tomcat information disclosure vulnerability
Last modified: 2008-03-03 02:37:46 EST
CVE-2008-0002: Tomcat information disclosure vulnerability
The Apache Software Foundation
Tomcat 6.0.5 to 6.0.15
If an exception occurs during the processing of parameters (eg if the
client disconnects) then it is possible that the parameters submitted for
that request will be incorrectly processed as part of a following request.
6.0.x users should upgrade to 6.0.16 or later.
This issue was discovered by Chitrapandian N of AdventNet Inc.
tomcat5-5.5.26-1jpp.2.fc8 has been submitted as an update for Fedora 8
tomcat5-5.5.26-1jpp.2.fc7 has been submitted as an update for Fedora 7
tomcat5-5.5.26-1jpp.2.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
tomcat5-5.5.26-1jpp.2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.