CVE-2007-1858
CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspxhttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.htmlhttp://marc.info/?l=bugtraq&m=133114899904925&w=2http://osvdb.org/34882http://secunia.com/advisories/29392http://secunia.com/advisories/33668http://secunia.com/advisories/44183https://exchange.xforce.ibmcloud.com/vulnerabilities/34212https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3Ehttp://support.avaya.com/elmodocs2/security/ASA-2007-206.htm