I added a simple PoC video for the CVE-2016-1240 vulnerability.
In the PoC I used Ubuntu 16.04 with the latest tomcat7 package
(version: 7.0.68-ubuntu-0.1) installed from the default ubuntu repos
which appears vulnerable still.
The video poc can be found at:
http://legalhackers.com/videos/Apache
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3700-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 25, 2016
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3701-1 secur...@debian.org
https://www.debian.org/security/ Florian Weimer
October 25, 2016
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-16:15.sysarch [REVISED] Security Advisory
The FreeBSD Project
Topic: