Unclaimed Gift Car
Personal Injury At
Personal Fluid and
Rectal Rodeo clown
CV /Resume bulk su
Vigilante Internsh
Penetration Testin
Hair implant thong
Chinesium Trade Se
End of life photog

Identify and Credi
Scene News: Warez,
Ransomware, Crypto
Fixer Upper Fixer
Word of the Day, D
Late-night radio,
College and Univer
Lien enforcement
Retirement and Ben
Water was found on
<<      >>
Password Policy Reuse Abuse Vulnerability - CVE-2015-2330 ================================================================ Product: Apache Tomcat Versions Affected: 5.0.36 5.5.29, 5.5.30, 5.5.31, 5.5.32, 5.5.33, 5.5.34 5.5.35, 5.5.36, 5.5.37 5.5.38 Versions Not Affected: 4.1.6, 5.0.33 5.5.36.9 This vulnerability only applies to Apache Tomcat versions 5.5.35 and newer. Apache Tomcat versions 5.5.34 and lower are not affected. Versions of Apache Tomcat 5.0.37 and lower are not affected. Versions of Apache Tomcat 4.1.6 and lower are not affected. Apache Tomcat 5.5.34 includes Apache Tomcat's base functionality as of version 5.5.35. Versions of Apache Tomcat 5.5.35 through 5.5.38 will be affected. Details ================================================================ Apache Tomcat versions 5.5.35 and higher have a new feature for managing password-related security policy. This feature is enabled by default on the standard installation. It does not need to be enabled or administrators have to set the password policy themselves. By default, the password policy is set to use the same setting as the application server. A server may have a different password policy. This vulnerability allows exploitation of this feature without having to crack any passwords. CVSS 3.0 base score: 6.4 CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:N/E:U/RL:P/RC:C) See the note regarding CVEs below. Credit: This issue is credited to "Benny Bollo", benny.bollo (at) gmail (dot) com. Credit: This issue is credited to Thomas Stellwagen, Thomas Rueggeberg, and Michael Kammerloher, security vulnerabilities, CORE Security. Credit: This issue is credited to Robert Streck, Sascha Friedrich, and Marcos Aguirre, security vulnerabilities, Security Compass. Credit: This issue is credited to "Xiaoyi Wang", xiwang(at)trendmicro(dot)com. Credit: This issue is credited to Michael Kammerloher, Michael Schwarz, and Sascha Friedrich, security vulnerabilities, CORE Security. Credit: This issue is credited to Fabian Raff, Fabian Raff, and Marcel Schulz, security vulnerabilities, Secuurity-Kompass. Credit: This issue is credited to Jan Kiszka, security vulnerabilities, sag.cz. Credit: This issue is credited to Jirka Rydval, Dziku, and Piotr Pietrzyk, security vulnerabilities, sogeti.com. Credit: This issue is credited to Fabian Raff, Fabian Raff, and Marcel Schulz, security vulnerabilities, Secuurity-Kompass. Credit: This issue is credited to "Vlado Oreb", vladooreb(at)gmail(dot)com. Credit: This issue is credited to Fabian Raff, Fabian Raff, and Marcel Schulz, security vulnerabilities, Secuurity-Kompass. Credit: This issue is credited to "Xiaoyi Wang", xiwang(at)trendmicro(dot)com. Credit: This issue is credited to "Fernando Mancuello", feman(at)mihs(dot)com. Credit: This issue is credited to "Martin Krukhobin", kruphat(at)kruphod(dot)ru. Credit: This issue is credited to "David Zerger", zerger(at)security-assessment(dot)de. Credit: This issue is credited to Thomas Stellwagen, Thomas Rueggeberg, and Michael Kammerloher, security vulnerabilities, CORE Security. Credit: This issue is credited to Robert Streck, Sascha Friedrich, and Marcos Aguirre, security vulnerabilities, Security Compass. Credit: This issue is credited to "Zoltan Sarnyai", szarnyi(at)gmail(dot)com. Credit: This issue is credited to "David Zerger", zerger(at)security-assessment(dot)de. Credit: This issue is credited to "Martin Krukhobin", kruphat(at)kruphod(dot)ru. Credit: This issue is credited to "Ronald Hoops", hoops(at)coresecurity(dot)com. Credit: This issue is credited to "Michael Schwarz", schwarz(at)coresecurity(dot)com. Credit: This issue is credited to "Ronald Hoops", hoops(at)coresecurity(dot)com. Credit: This issue is credited to "Marcel Schulz", schulz(at)coresecurity(dot)com. Credit: This issue is credited to "Marcos Aguirre", agirre(at)securiteam(dot)com. Credit: This issue is credited to "Clifford Nash", nash(at)clifford(dot)com. Credit: This issue is credited to "Xiaoyi Wang", xiwang(at)trendmicro(dot)com. Credit: This issue is credited to "Daniel Cid", daniel.cid(at)telekom-es(dot)com. Credit: This issue is credited to "Sergio Nunes", sng@inf.ufrj.br. Credit: This issue is credited to "Alfio Cavallini", alfio(at)coresecurity(dot)com. Credit: This issue is credited to "Alex GuimarĂ£es", alexguimaraes(at)vulnerabilities(dot)bouncers(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org. Credit: This issue is credited to "Gustavo Henrique Mariani", hmariani(at)vulnerability-lab(dot)aliunde(dot)org.