Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-6286

EPSS 10.02% · P93
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-6286

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Tomcat SSL端口空请求 设计错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Tomcat,当原本的 ARP 连接被使用时,不能恰当地处理 SSL 端口的空请求,导致允许远程攻击者触发一个最近请求的双份拷贝处理,使用 netcat 发送空请求证明了这一点。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-6286

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-6286

Please Login to view more intelligence information

Same Patch Batch · n/a · 2008-02-12 · 91 CVEs total

CVE-2008-0671tintin wintin++ add_line_buffer函数 缓冲区溢出漏洞
CVE-2008-0002Apache Tomcat 上下文参数错误 信息泄露漏洞
CVE-2008-0725Titan FTP Server USER/PASS命令 多个堆栈缓冲区溢出漏洞
CVE-2008-0722Pagetool index.php 跨站脚本攻击漏洞
CVE-2008-0721Mambo Com_sermon组件 index.php SQL注入漏洞
CVE-2008-0720WEBmin WEBmin_search.CGI 跨站脚本攻击漏洞
CVE-2008-0719OsCommerce customer_testimonials.php SQL注入漏洞
CVE-2008-0718Sun Solaris USB Mouse STREAMS Module (usbms(7M)) 未明漏洞
CVE-2008-0723planetluc mynews mynews.inc.php 跨站脚本攻击漏洞
CVE-2008-0670Joomla Com_noticias index.php SQL注入漏洞
CVE-2008-0669Sift Unity search.CGI 跨站脚本攻击漏洞
CVE-2008-0672tintin wintin++ process_chat_input函数 拒绝服务漏洞
CVE-2008-0673tintin wintin++ 文件传入请求 设计错误漏洞
CVE-2008-0675The Everything Development 引擎 'cms/index.pl' SQL注入漏洞
CVE-2008-0676A-Blog search.php 跨站脚本攻击漏洞
CVE-2008-0677A-Blog blog.php SQL注入漏洞
CVE-2008-0678BlogPHP index.php id参数 SQL注入漏洞
CVE-2008-0679BlogPHP index.php search参数 跨站脚本攻击漏洞
CVE-2008-0680microtik routeros SNMPd 拒绝服务漏洞
CVE-2008-0681phpShop 'index.php' SQL 注入漏洞

Showing top 20 of 91 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-6286

No comments yet

Leave a comment