Lucene search
Copyright (C) 2020 Greenbone AGOPENVAS:1361412562311220201182HistoryFeb 25, 2020 - 12:00 a.m.
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-1182)
2020-02-2500:00:00
Copyright (C) 2020 Greenbone AG
plugins.openvas.org
13
The remote host is missing an update for the Huawei EulerOS
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2020.1182");
script_cve_id("CVE-2019-12418", "CVE-2019-17563");
script_tag(name:"creation_date", value:"2020-02-25 13:58:17 +0000 (Tue, 25 Feb 2020)");
script_version("2024-02-05T14:36:56+0000");
script_tag(name:"last_modification", value:"2024-02-05 14:36:56 +0000 (Mon, 05 Feb 2024)");
script_tag(name:"cvss_base", value:"5.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-02-11 15:33:40 +0000 (Tue, 11 Feb 2020)");
script_name("Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-1182)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP8");
script_xref(name:"Advisory-ID", value:"EulerOS-SA-2020-1182");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2020-1182");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'tomcat' package(s) announced via the EulerOS-SA-2020-1182 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.(CVE-2019-12418)
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.(CVE-2019-17563)");
script_tag(name:"affected", value:"'tomcat' package(s) on Huawei EulerOS V2.0SP8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROS-2.0SP8") {
if(!isnull(res = isrpmvuln(pkg:"tomcat", rpm:"tomcat~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tomcat-admin-webapps", rpm:"tomcat-admin-webapps~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tomcat-el-3.0-api", rpm:"tomcat-el-3.0-api~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tomcat-jsp-2.3-api", rpm:"tomcat-jsp-2.3-api~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tomcat-lib", rpm:"tomcat-lib~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tomcat-servlet-4.0-api", rpm:"tomcat-servlet-4.0-api~9.0.10~1.h5.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
ibm
ibm
nessus
nessus
Photon OS 1.0: Apache PHSA-2020-1.0-0264
2020-01-16 00:00:00
Photon OS 2.0: Apache PHSA-2020-2.0-0200
2020-01-16 00:00:00
Debian DLA-2077-1 : tomcat7 security update
2020-01-28 00:00:00
amazon
amazon
Medium: tomcat8
2020-01-14 18:18:00
Important: tomcat
2023-05-11 17:49:00
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2020-01-28 10:52:40
openvas
openvas
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-1136)
2020-02-24 00:00:00
Mageia: Security Advisory (MGASA-2020-0054)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-2077-1)
2020-01-28 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2020-01-27 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.99
2019-12-17 00:00:00
Fixed in Apache Tomcat 9.0.30
2019-12-12 00:00:00
Fixed in Apache Tomcat 8.5.50
2019-12-12 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2020-03-19 00:00:00
redhat
redhat
github
github
osv
osv
In Apache Tomcat, when using FORM authentication there was a narrow window where an attacker could perform a session fixation attack
2019-12-26 18:22:26
CVE-2019-17563
2019-12-23 17:15:11
CVE-2019-12418
2019-12-23 18:15:10
cvelist
cvelist
CVE-2019-17563
2019-12-23 16:39:01
CVE-2019-12418
2019-12-23 17:12:43
cve
cve
CVE-2019-17563
2019-12-23 17:15:11
CVE-2019-12418
2019-12-23 18:15:10
redhatcve
redhatcve
CVE-2019-17563
2019-12-20 18:38:45
CVE-2019-12418
2020-04-09 10:13:44
veracode
veracode
Session Fixation
2019-12-19 08:29:44
Privilege Escalation
2019-12-23 08:45:46
prion
prion
Session fixation
2019-12-23 17:15:00
Design/Logic Flaw
2019-12-23 18:15:00
cgr
cgr
CVE-2019-17563 vulnerabilities
2024-05-19 03:07:16
CVE-2019-12418 vulnerabilities
2024-05-19 03:07:16
kaspersky
kaspersky
KLA11626 SB vulnerability in Apache Tomcat
2019-12-12 00:00:00
KLA11627 SB vulnerability in Apache Tomcat
2019-11-21 00:00:00
f5
f5
K24551552 : Apache Tomcat vulnerability CVE-2019-17563
2020-01-23 00:00:00
K10107360 : Apache Tomcat vulnerability CVE-2019-12418
2020-01-07 00:00:00
symantec
symantec
Apache Tomcat CVE-2019-17563 Session Fixation Vulnerability
2019-12-18 00:00:00
Apache Tomcat CVE-2019-12418 Local Privilege Escalation Vulnerability
2019-12-18 00:00:00
Apache Tomcat Vulnerabilities Oct 2018 – Feb 2020
2020-05-12 19:02:01
ubuntucve
ubuntucve
CVE-2019-17563
2019-12-23 00:00:00
CVE-2019-12418
2019-12-23 00:00:00
debiancve
debiancve
CVE-2019-17563
2019-12-23 17:15:11
CVE-2019-12418
2019-12-23 18:15:10
atlassian
atlassian
photon
photon
Important Photon OS Security Update - PHSA-2020-0051
2020-01-23 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0200
2020-01-14 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0051
2020-01-23 00:00:00
debian
debian
[SECURITY] [DSA 4596-1] tomcat8 security update
2019-12-27 22:15:49
[SECURITY] [DSA 4680-1] tomcat9 security update
2020-05-06 20:58:40
centos
centos
tomcat security update
2020-10-20 19:04:26
oraclelinux
oraclelinux
tomcat security and bug fix update
2020-10-06 00:00:00
hackerone
hackerone
rosalinux
rosalinux
Advisory ROSA-SA-2021-1988
2021-07-02 18:17:52
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00
7.4 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.1%
Related for OPENVAS:1361412562311220201182