Security Update:The Apache Software Foundation has released two important security advisories to address vulnerabilities in Apache Tomcat
Date and Time
Apache Tomcat users
The Apache Software Foundation has released two important security advisories to address vulnerabilities in Apache Tomcat.
Advanced Users: For a complete description of the security advisory go to:
- CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP Upload at: http://firstname.lastname@example.org%3e
- CVE-2017-12616 Apache Tomcat Information Disclosure at: http://mail-archives.us.apache.org/mod_mbox/www-announce/201709.mbox/<email@example.com>
- Apache Tomcat 7.0.0 to 7.0.80
WHAT’S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to control of an affected system.
HOW DO I PROTECT MY WEB SITE?
- Users and administrators are encouraged to review the Apache Security advisories listed above.
- IT Security - https://it.ucsf.edu/security