Summary
Apache Tomcat Server is running on this host and is prone to a privilege escalation vulnerability.
Impact
Successful exploitation could allow remote attackers to bypass security restrictions and gain privileges.
Impact Level: Application.
Solution
Apply the patch from the link below:
http://svn.apache.org/viewvc?view=revision&revision=834047
*****
NOTE: Ignore this warning if the above-mentioned patch is already applied.
*****
Insight
The flaw is due to the Windows installer setting a blank password by default for the administrative user, which attackers could exploit to gain unauthorized administrative access to a vulnerable installation.
Affected
Apache Tomcat versions 5.5.0 to 5.5.28 and 6.0.0 through 6.0.20 on Windows.
Severity
Classification
CVE: CVE-2009-3548
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P