ID CVE-2007-5342 Type cve Reporter NVD Modified 2018-10-15T17:43:46
Description
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
{"securityvulns": [{"lastseen": "2018-08-31T11:10:24", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2007-5342: Tomcat's default security policy is too open\r\n\r\nSeverity:\r\nLow\r\n\r\nVendor:\r\nThe Apache Software Foundation\r\n\r\nVersions Affected:\r\nTomcat 5.5.9 to 5.5.25\r\nTomcat 6.0.0 to 6.0.15\r\n\r\nDescription:\r\nThe JULI logging component allows web applications to provide their own\r\nlogging configurations. The default security policy does not restrict this\r\nconfiguration and allows an untrusted web application to add files or\r\noverwrite existing files where the Tomcat process has the necessary file\r\npermissions to do so.\r\n\r\nMitigation:\r\nApply the following patch to the catalina.policy file\r\nhttp://svn.apache.org/viewvc?rev=606594&view=rev\r\nThe patch will be included in 5.5.25 onwards and 6.0.16 onwards\r\nThis patch is also included at the end of this announcement\r\n\r\nExample:\r\nAn application could have its own WEB-INF/classes/logging.properties\r\n\r\nhandlers = org.apache.juli.FileHandler\r\norg.apache.juli.FileHandler.level = FINE\r\norg.apache.juli.FileHandler.directory = ${catalina.base}/logs\r\norg.apache.juli.FileHandler.prefix = mylog.\r\n\r\nCredit:\r\nThis issue was discovered by Delian Krustev.\r\n\r\nReferences:\r\nhttp://tomcat.apache.org/security.html\r\n\r\nMark Thomas\r\n\r\n*** Patch starts below this line ***\r\nIndex: catalina.policy\r\n===================================================================\r\n- --- catalina.policy (revision 606588)\r\n+++ catalina.policy (working copy)\r\n@@ -62,7 +62,19 @@\r\n\r\n // These permissions apply to the logging API\r\n grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {\r\n- - permission java.security.AllPermission;\r\n+ permission java.util.PropertyPermission "java.util.logging.config.class", "read";\r\n+ permission java.util.PropertyPermission "java.util.logging.config.file", "read";\r\n+ permission java.lang.RuntimePermission "shutdownHooks";\r\n+ permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";\r\n+ permission java.util.PropertyPermission "catalina.base", "read";\r\n+ permission java.util.logging.LoggingPermission "control";\r\n+ permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";\r\n+ permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";\r\n+ permission java.lang.RuntimePermission "getClassLoader";\r\n+ // To enable per context logging configuration, permit read access to the appropriate file.\r\n+ // Be sure that the logging configuration is secure before enabling such access\r\n+ // eg for the examples web application:\r\n+ // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";\r\n };\r\n\r\n // These permissions apply to the server startup code\r\n\r\n*** Patch ends above this line ***\r\n\r\n\r\n\r\n\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.7 (MingW32)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFHbrZQb7IeiTPGAkMRAhg1AJ4ydvIa2WIuHN8x3TKGD01xReatbgCfTtj2\r\n8TzsMaXSUzeuEvnOuY5fmCo=\r\n=N5J9\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2007-12-26T00:00:00", "title": "[CVE-2007-5342] Apache Tomcat's default security policy is too open", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5342"], "modified": "2007-12-26T00:00:00", "id": "SECURITYVULNS:DOC:18736", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18736", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:28", "references": ["https://vulners.com/securityvulns/securityvulns:doc:18736"], "description": "JULI logging component allow arbitrary files overwriting.", "edition": 1, "reporter": "BUGTRAQ", "published": "2007-12-26T00:00:00", "title": "Apache Tomcat weak default permissions", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:28", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Tomcat", "version": "5.5", "operator": "eq"}, {"name": "Tomcat", "version": "6.0", "operator": "eq"}], "cvelist": ["CVE-2007-5342"], "modified": "2007-12-26T00:00:00", "id": "SECURITYVULNS:VULN:8493", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8493", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "references": [], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://tomcat.apache.org/security-6.html\nVendor Specific News/Changelog Entry: http://tomcat.apache.org/security-5.html\n[Secunia Advisory ID:28274](https://secuniaresearch.flexerasoftware.com/advisories/28274/)\nOther Advisory URL: http://svn.apache.org/viewvc?view=rev&revision=606594\nOther Advisory URL: http://securityreason.com/securityalert/3485\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-12/0284.html\nISS X-Force ID: 39201\nFrSIRT Advisory: ADV-2008-0013\n[CVE-2007-5342](https://vulners.com/cve/CVE-2007-5342)\nBugtraq ID: 27006\n", "edition": 1, "reporter": "OSVDB", "published": "2007-12-23T00:00:00", "title": "Apache Tomcat JULI Logging Component catalina.policy Security Bypass", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5342"], "modified": "2007-12-23T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:39833", "id": "OSVDB:39833", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T21:52:03", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 27006\r\nCVE(CAN) ID: CVE-2007-5342\r\n\r\nApache Tomcat\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u5f00\u653e\u6e90\u7801\u7684JSP\u5e94\u7528\u670d\u52a1\u5668\u7a0b\u5e8f\u3002\r\n\r\nApache Tomcat\u7684JULI\u65e5\u5fd7\u7ec4\u4ef6\u5141\u8bb8Web\u5e94\u7528\u63d0\u4f9b\u81ea\u5df1\u7684\u65e5\u5fd7\u914d\u7f6e\uff0c\u9ed8\u8ba4\u7684\u5b89\u5168\u7b56\u7565\u6ca1\u6709\u9650\u5236\u8fd9\u79cd\u914d\u7f6e\uff0c\u5141\u8bb8\u4e0d\u53ef\u4fe1\u4efb\u7684Web\u5e94\u7528\u6dfb\u52a0\u6587\u4ef6\uff0c\u6216\u8986\u76d6Tomcat\u8fdb\u7a0b\u62e5\u6709\u6743\u9650\u7684\u5df2\u6709\u6587\u4ef6\u3002\r\n\r\n\n\nApache Group Tomcat 6.0.0 - 6.0.15\r\nApache Group Tomcat 5.5.9 - 5.5.25\n \u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://svn.apache.org/viewvc/tomcat/trunk/conf/catalina.policy?r1=606594&r2=606593&pathrev=606594&view=patch target=_blank>http://svn.apache.org/viewvc/tomcat/trunk/conf/catalina.policy?r1=606594&r2=606593&pathrev=606594&view=patch</a>", "reporter": "Root", "published": "2007-12-26T00:00:00", "type": "seebug", "title": "Apache Tomcat JULI\u65e5\u5fd7\u7ec4\u4ef6\u9ed8\u8ba4\u5b89\u5168\u7b56\u7565\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5342"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2007-12-26T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2703", "id": "SSV:2703", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "status": "details"}], "oraclelinux": [{"lastseen": "2018-08-31T01:41:16", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "src", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.src.rpm", "packageName": "tomcat5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "src", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.src.rpm", "packageName": "tomcat5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-jsp-2.0-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-server-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-jsp-2.0-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-jsp-2.0-api-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-common-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-server-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-jsp-2.0-api-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-jasper-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-servlet-2.4-api-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-servlet-2.4-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-jasper", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-common-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-servlet-2.4-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageFilename": "tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "packageName": "tomcat5-servlet-2.4-api-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-jasper", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageFilename": "tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "packageName": "tomcat5-jasper-javadoc", "operator": "lt"}], "description": " [5.5.23-0jpp.3.0.3]\n - Patch for CVE-2007-5342\n Resolves: bz# 427776\n - Patch for CVE-2007-5461\n Resolves: bz# 334561 ", "edition": 3, "reporter": "Oracle", "published": "2008-03-11T00:00:00", "title": "Moderate: tomcat security update ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2008-03-11T00:00:00", "id": "ELSA-2008-0042", "href": "http://linux.oracle.com/errata/ELSA-2008-0042.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:14:11", "references": ["http://www.nessus.org/u?fd4f68a7"], "pluginID": "60371", "description": "A directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)", "edition": 7, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : tomcat on SL5.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2019-01-07T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080311_TOMCAT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60371", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60371);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/01/07 9:52:18\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5461\");\n\n script_name(english:\"Scientific Linux Security Update : tomcat on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0803&L=scientific-linux-errata&T=0&P=1946\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd4f68a7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_cwe_id(22, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:15:25", "references": ["https://access.redhat.com/errata/RHSA-2008:0831", "https://access.redhat.com/security/cve/cve-2008-3519", "http://www.nessus.org/u?13c46bfa", "https://access.redhat.com/security/cve/cve-2007-5342"], "pluginID": "63864", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 4 as JBEAP 4.3.0.CP02.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.3.0.CP01.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages, which resolve these issues.", "edition": 8, "reporter": "Tenable", "published": "2013-01-24T00:00:00", "title": "RHEL 4 : JBoss EAP (RHSA-2008:0831)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-3519"], "modified": "2018-11-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaf", "p-cpe:/a:redhat:enterprise_linux:jbossws-framework", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:jboss-aop", "p-cpe:/a:redhat:enterprise_linux:jbossws", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:javassist", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-beanutils", "p-cpe:/a:redhat:enterprise_linux:jbossxb", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-javamail", "p-cpe:/a:redhat:enterprise_linux:jboss-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-jstl", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jboss-jaxr", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator"], "id": "REDHAT-RHSA-2008-0831.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0831. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63864);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-3519\");\n script_xref(name:\"RHSA\", value:\"2008:0831\");\n\n script_name(english:\"RHEL 4 : JBoss EAP (RHSA-2008:0831)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 4 as JBEAP 4.3.0.CP02.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.3.0.CP01.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3519\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0831\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_cwe_id(16, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-javamail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jstl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-framework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0831\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossweb-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaf-1.1.0-0jpp.ep1.12.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-javamail-1.4.0-0jpp.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxb-2.1.4-1jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxb-javadoc-2.1.4-1jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxws-2.1.1-1jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxws-javadoc-2.1.1-1jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jstl-1.2.0-0jpp.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-3.2.4-1.SP1_CP04.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-3.2.1-4.GA_CP02.1jpp.ep1.7.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-javadoc-3.2.1-4.GA_CP02.1jpp.ep1.7.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-0.0.0-1.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-3.2.1-2.GA_CP03.1jpp.ep1.9.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-javadoc-3.2.1-2.GA_CP03.1jpp.ep1.9.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP04.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-0.0.0-1.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jakarta-commons-beanutils-1.7.0-2jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"javassist-3.8.0-1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-aop-1.5.5-2.CP02.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-jaxr-1.2.0-SP1.0jpp.ep1.4.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-messaging-1.4.0-1.SP3_CP03.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-remoting-2.2.2-3.SP9.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-1.2.1-3.JBPAPP_4_3_0_GA.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-docs-1.2.1-3.JBPAPP_4_3_0_GA.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.3.0-2.GA_CP02.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossts-4.2.3-1.SP5_CP02.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossweb-2.0.0-4.CP06.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-2.0.1-2.SP2_CP03.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-common-1.0.0-1.GA_CP01.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-framework-2.0.1-0jpp.ep1.11.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossxb-1.0.0-2.SP3.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-4.3.0-3.GA_CP02.ep1.9.el4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaf / glassfish-javamail / glassfish-jaxb / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:16:27", "references": ["https://oss.oracle.com/pipermail/el-errata/2008-March/000540.html"], "pluginID": "67640", "description": "From Red Hat Security Advisory 2008:0042 :\n\nUpdated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.", "edition": 7, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : tomcat (ELSA-2008-0042)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat5-jasper", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:oracle:linux:tomcat5", "p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:tomcat5-admin-webapps", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-server-lib", "p-cpe:/a:oracle:linux:tomcat5-webapps", "p-cpe:/a:oracle:linux:tomcat5-common-lib", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api"], "id": "ORACLELINUX_ELSA-2008-0042.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67640", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0042 and \n# Oracle Linux Security Advisory ELSA-2008-0042 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67640);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5461\");\n script_bugtraq_id(26070, 27006);\n script_xref(name:\"RHSA\", value:\"2008:0042\");\n\n script_name(english:\"Oracle Linux 5 : tomcat (ELSA-2008-0042)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0042 :\n\nUpdated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-March/000540.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:10:12", "references": ["http://www.nessus.org/u?3b01cf4d", "http://www.nessus.org/u?022f00b8"], "pluginID": "43669", "description": "Updated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.", "edition": 9, "reporter": "Tenable", "published": "2010-01-06T00:00:00", "title": "CentOS 5 : tomcat (CESA-2008:0042)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat5", "p-cpe:/a:centos:centos:tomcat5-webapps", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api", "p-cpe:/a:centos:centos:tomcat5-server-lib", "p-cpe:/a:centos:centos:tomcat5-admin-webapps", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api", "p-cpe:/a:centos:centos:tomcat5-jasper-javadoc", "p-cpe:/a:centos:centos:tomcat5-common-lib", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-jasper", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc"], "id": "CENTOS_RHSA-2008-0042.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43669", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0042 and \n# CentOS Errata and Security Advisory 2008:0042 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43669);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/10 11:49:28\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5461\");\n script_bugtraq_id(26070, 27006);\n script_xref(name:\"RHSA\", value:\"2008:0042\");\n\n script_name(english:\"CentOS 5 : tomcat (CESA-2008:0042)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-March/014764.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b01cf4d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-March/014765.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?022f00b8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:08:11", "references": ["https://access.redhat.com/errata/RHSA-2008:0042", "https://access.redhat.com/security/cve/cve-2007-5461", "https://access.redhat.com/security/cve/cve-2007-5342"], "pluginID": "31448", "description": "Updated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.", "edition": 9, "reporter": "Tenable", "published": "2008-03-13T00:00:00", "title": "RHEL 5 : tomcat (RHSA-2008:0042)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2018-11-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps", "cpe:/o:redhat:enterprise_linux:5.1", "p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api"], "id": "REDHAT-RHSA-2008-0042.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31448", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0042. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31448);\n script_version (\"1.23\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5461\");\n script_bugtraq_id(26070, 27006);\n script_xref(name:\"RHSA\", value:\"2008:0042\");\n\n script_name(english:\"RHEL 5 : tomcat (RHSA-2008:0042)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\ntechnologies.\n\nA directory traversal vulnerability existed in the Apache Tomcat\nwebdav servlet. In some configurations it allowed remote authenticated\nusers to read files accessible to the local tomcat process.\n(CVE-2007-5461)\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nUsers of Tomcat should update to these errata packages, which contain\nbackported patches and are not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0042\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0042\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:15:25", "references": ["https://access.redhat.com/errata/RHSA-2008:0834", "https://access.redhat.com/security/cve/cve-2008-3519", "http://www.nessus.org/u?13c46bfa", "https://access.redhat.com/security/cve/cve-2007-5342"], "pluginID": "63867", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 5 as JBEAP 4.2.0.CP04.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.2.0.CP03.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages, which resolve these issues.", "edition": 8, "reporter": "Tenable", "published": "2013-01-24T00:00:00", "title": "RHEL 5 : JBoss EAP (RHSA-2008:0834)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-3519"], "modified": "2018-11-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaf", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:jboss-aop", "p-cpe:/a:redhat:enterprise_linux:javassist", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossxb", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-javamail", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:glassfish-jstl", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jboss-jaxr", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator"], "id": "REDHAT-RHSA-2008-0834.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63867", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0834. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63867);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-3519\");\n script_xref(name:\"RHSA\", value:\"2008:0834\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2008:0834)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 5 as JBEAP 4.2.0.CP04.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.2.0.CP03.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3519\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0834\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_cwe_id(16, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-javamail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jstl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0834\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossweb-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaf-1.1.0-0jpp.ep1.12.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-javamail-1.4.0-0jpp.ep1.10.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jstl-1.2.0-0jpp.ep1.10.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-3.2.4-1.SP1_CP04.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-javadoc-3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-0.0.0-1.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-3.2.1-2.GA_CP03.1jpp.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-javadoc-3.2.1-2.GA_CP03.1jpp.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP04.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-0.0.0-1.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"javassist-3.8.0-1jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-aop-1.5.5-2.CP02.0jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-jaxr-1.2.0-SP1.0jpp.ep1.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-remoting-2.2.2-3.SP9.0jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-1.2.1-1.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-docs-1.2.1-1.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.2.0-4.GA_CP04.ep1.7.el5.6\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossts-4.2.3-1.SP5_CP02.1jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.0.0-4.CP06.0jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossxb-1.0.0-2.SP3.0jpp.ep1.3.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-4.2.0-4.GA_CP04.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-examples-4.2.0-4.GA_CP04.ep1.3.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaf / glassfish-javamail / glassfish-jstl / hibernate3 / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:15:25", "references": ["https://access.redhat.com/security/cve/cve-2008-3519", "http://www.nessus.org/u?13c46bfa", "https://access.redhat.com/security/cve/cve-2007-5342", "https://access.redhat.com/errata/RHSA-2008:0832"], "pluginID": "63865", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 5 as JBEAP 4.3.0.CP02.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP01.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages, which resolve these issues.", "edition": 8, "reporter": "Tenable", "published": "2013-01-24T00:00:00", "title": "RHEL 5 : JBoss EAP (RHSA-2008:0832)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-3519"], "modified": "2018-11-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaf", "p-cpe:/a:redhat:enterprise_linux:jbossws-framework", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:jboss-aop", "p-cpe:/a:redhat:enterprise_linux:jbossws", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:javassist", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jbossxb", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-javamail", "p-cpe:/a:redhat:enterprise_linux:jboss-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-jstl", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jboss-jaxr", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator"], "id": "REDHAT-RHSA-2008-0832.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63865", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0832. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63865);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-3519\");\n script_xref(name:\"RHSA\", value:\"2008:0832\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2008:0832)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 5 as JBEAP 4.3.0.CP02.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP01.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3519\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0832\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_cwe_id(16, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-javamail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxws-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jstl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-framework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0832\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossweb-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaf-1.1.0-0jpp.ep1.12.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-javamail-1.4.0-0jpp.ep1.10.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxb-2.1.4-1jpp.ep1.4.el5.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxb-javadoc-2.1.4-1jpp.ep1.4.el5.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxws-2.1.1-1jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxws-javadoc-2.1.1-1jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jstl-1.2.0-0jpp.ep1.10.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-3.2.4-1.SP1_CP04.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-javadoc-3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-0.0.0-1.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-3.2.1-2.GA_CP03.1jpp.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-javadoc-3.2.1-2.GA_CP03.1jpp.ep1.9.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP04.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-0.0.0-1.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"javassist-3.8.0-1jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-aop-1.5.5-2.CP02.0jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-jaxr-1.2.0-SP1.0jpp.ep1.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-messaging-1.4.0-1.SP3_CP03.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-remoting-2.2.2-3.SP9.0jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-docs-1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.3.0-2.GA_CP02.ep1.10.el5.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossts-4.2.3-1.SP5_CP02.1jpp.ep1.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.0.0-4.CP06.0jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-2.0.1-2.SP2_CP03.0jpp.ep1.1.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-common-1.0.0-1.GA_CP01.0jpp.ep1.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-framework-2.0.1-0jpp.ep1.11.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossxb-1.0.0-2.SP3.0jpp.ep1.3.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-4.3.0-2.GA_CP02.ep1.6.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaf / glassfish-javamail / glassfish-jaxb / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:15:25", "references": ["https://access.redhat.com/security/cve/cve-2008-3519", "http://www.nessus.org/u?13c46bfa", "https://access.redhat.com/security/cve/cve-2007-5342", "https://access.redhat.com/errata/RHSA-2008:0833"], "pluginID": "63866", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 4 as JBEAP 4.2.0.CP04.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.2.0.CP03.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages, which resolve these issues.", "edition": 8, "reporter": "Tenable", "published": "2013-01-24T00:00:00", "title": "RHEL 4 : JBoss EAP (RHSA-2008:0833)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-3519"], "modified": "2018-11-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaf", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:jboss-aop", "p-cpe:/a:redhat:enterprise_linux:javassist", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-beanutils", "p-cpe:/a:redhat:enterprise_linux:jbossxb", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:glassfish-javamail", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:glassfish-jstl", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jboss-jaxr", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator"], "id": "REDHAT-RHSA-2008-0833.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63866", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0833. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63866);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-3519\");\n script_xref(name:\"RHSA\", value:\"2008:0833\");\n\n script_name(english:\"RHEL 4 : JBoss EAP (RHSA-2008:0833)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various security issues are now available for Red Hat\nEnterprise Linux 4 as JBEAP 4.2.0.CP04.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.2.0.CP03.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section.\n\nThe following security issues are also fixed with this release :\n\nThe default security policy in the JULI logging component did not\nrestrict access permissions to files. This could be misused by\nuntrusted web applications to access and write arbitrary files in the\ncontext of the tomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to\n'true' in the 'production' configuration. When the class download\nservice is bound to an external interface, a remote attacker was able\nto download arbitrary class files from the server class path.\n(CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3519\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0833\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_cwe_id(16, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-javamail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jstl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0833\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossweb-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaf-1.1.0-0jpp.ep1.12.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-javamail-1.4.0-0jpp.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jstl-1.2.0-0jpp.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-3.2.4-1.SP1_CP04.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-3.2.1-4.GA_CP02.1jpp.ep1.7.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-javadoc-3.2.1-4.GA_CP02.1jpp.ep1.7.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-0.0.0-1.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-3.2.1-2.GA_CP03.1jpp.ep1.9.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-javadoc-3.2.1-2.GA_CP03.1jpp.ep1.9.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP04.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-0.0.0-1.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jakarta-commons-beanutils-1.7.0-2jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"javassist-3.8.0-1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-aop-1.5.5-2.CP02.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-jaxr-1.2.0-SP1.0jpp.ep1.4.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-remoting-2.2.2-3.SP9.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-1.2.1-1.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-docs-1.2.1-1.ep1.10.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.2.0-3.GA_CP04.ep1.8.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossts-4.2.3-1.SP5_CP02.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossweb-2.0.0-4.CP06.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossxb-1.0.0-2.SP3.0jpp.ep1.3.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-4.2.0-4.GA_CP04.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-examples-4.2.0-4.GA_CP04.ep1.5.el4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaf / glassfish-javamail / glassfish-jstl / hibernate3 / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:08:07", "references": ["http://www.nessus.org/u?ed652e47", "https://bugzilla.redhat.com/show_bug.cgi?id=427216", "https://bugzilla.redhat.com/show_bug.cgi?id=432327", "https://bugzilla.redhat.com/show_bug.cgi?id=432332", "https://bugzilla.redhat.com/show_bug.cgi?id=427766"], "pluginID": "31062", "description": "----------------------------------------------------------------------\n---------- ChangeLog :\n\n - Tue Feb 12 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.2\n\n - Rebuilt\n\n - Fri Feb 8 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.1\n\n - Update to new upstream version, which also fixes the\n following :\n\n - CVE-2007-5342\n\n - CVE-2007-5333\n\n - CVE-2007-5461\n\n - CVE-2007-6286\n\n - Removed patch20, now in upstream.\n\n - Sat Jan 5 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-2jpp.2\n\n - Fix for bz #153187\n\n - Fix init script for bz #380921\n\n - Fix tomcat5.conf and spec file for bz #253605\n\n - Fix for bz #426850\n\n - Fix for bz #312561\n\n - Fix init script, per bz #247077\n\n - Fix builds on alpha, per bz #253827\n\n - Thu Nov 15 2007 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-1jpp.1\n\n - Updated to 5.5.25, to fix the following issues :\n\n - CVE-2007-1355\n\n - CVE-2007-3386\n\n - CVE-2007-3385\n\n - CVE-2007-3382\n\n - CVE-2007-2450, RH bugzilla #244808, #244810, #244812,\n #363081\n\n - CVE-2007-2449, RH bugzilla #244810, #244812, #244804,\n #363081\n\n - Applied patch(20) for RH bugzilla #333791,\n CVE-2007-5461\n\n - Applied patch(21) for RH bugzilla #244803, #244812,\n #363081, CVE-2007-1358\n\n - Mon Aug 6 2007 Ben Konrath <bkonrath at redhat.com>\n 0:5.5.23-9jpp.4\n\n - Add jasper-eclipse subpackage which is needed for\n eclipse 3.3.\n\n - Inject OSGi manifest into servlet api jar and jsp api\n jar.\n\n - Mon Jul 23 2007 Vivek Lakshmanan <vivekl at\n redhat.com> 0:5.5.23-9jpp.3\n\n - Resolves: Bug 246374\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2008-02-14T00:00:00", "title": "Fedora 7 : tomcat5-5.5.26-1jpp.2.fc7 (2008-1467)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-6286", "CVE-2008-0002"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat5", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2008-1467.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31062", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1467.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31062);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-6286\", \"CVE-2008-0002\");\n script_bugtraq_id(27006, 27703, 27706);\n script_xref(name:\"FEDORA\", value:\"2008-1467\");\n\n script_name(english:\"Fedora 7 : tomcat5-5.5.26-1jpp.2.fc7 (2008-1467)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"----------------------------------------------------------------------\n---------- ChangeLog :\n\n - Tue Feb 12 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.2\n\n - Rebuilt\n\n - Fri Feb 8 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.1\n\n - Update to new upstream version, which also fixes the\n following :\n\n - CVE-2007-5342\n\n - CVE-2007-5333\n\n - CVE-2007-5461\n\n - CVE-2007-6286\n\n - Removed patch20, now in upstream.\n\n - Sat Jan 5 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-2jpp.2\n\n - Fix for bz #153187\n\n - Fix init script for bz #380921\n\n - Fix tomcat5.conf and spec file for bz #253605\n\n - Fix for bz #426850\n\n - Fix for bz #312561\n\n - Fix init script, per bz #247077\n\n - Fix builds on alpha, per bz #253827\n\n - Thu Nov 15 2007 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-1jpp.1\n\n - Updated to 5.5.25, to fix the following issues :\n\n - CVE-2007-1355\n\n - CVE-2007-3386\n\n - CVE-2007-3385\n\n - CVE-2007-3382\n\n - CVE-2007-2450, RH bugzilla #244808, #244810, #244812,\n #363081\n\n - CVE-2007-2449, RH bugzilla #244810, #244812, #244804,\n #363081\n\n - Applied patch(20) for RH bugzilla #333791,\n CVE-2007-5461\n\n - Applied patch(21) for RH bugzilla #244803, #244812,\n #363081, CVE-2007-1358\n\n - Mon Aug 6 2007 Ben Konrath <bkonrath at redhat.com>\n 0:5.5.23-9jpp.4\n\n - Add jasper-eclipse subpackage which is needed for\n eclipse 3.3.\n\n - Inject OSGi manifest into servlet api jar and jsp api\n jar.\n\n - Mon Jul 23 2007 Vivek Lakshmanan <vivekl at\n redhat.com> 0:5.5.23-9jpp.3\n\n - Resolves: Bug 246374\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=432327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=432332\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007696.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed652e47\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"tomcat5-5.5.26-1jpp.2.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:09:06", "references": [], "pluginID": "36926", "description": "A number of vulnerabilities have been discovered in the Apache Tomcat\nserver :\n\nThe default catalina.policy in the JULI logging component did not\nrestrict certain permissions for web applications which could allow a\nremote attacker to modify logging configuration options and overwrite\narbitrary files (CVE-2007-5342).\n\nA cross-site scripting vulnerability was found in the\nHttpServletResponse.sendError() method which could allow a remote\nattacker to inject arbitrary web script or HTML via forged HTTP\nheaders (CVE-2008-1232).\n\nA cross-site scripting vulnerability was found in the host manager\napplication that could allow a remote attacker to inject arbitrary web\nscript or HTML via the hostname parameter (CVE-2008-1947).\n\nA traversal vulnerability was found when using a RequestDispatcher in\ncombination with a servlet or JSP that could allow a remote attacker\nto utilize a specially crafted request parameter to access protected\nweb resources (CVE-2008-2370).\n\nA traversal vulnerability was found when the 'allowLinking' and\n'URIencoding' settings were actived which could allow a remote\nattacker to use a UTF-8-encoded request to extend their privileges and\nobtain local files accessible to the Tomcat process (CVE-2008-2938).\n\nThe updated packages have been patched to correct these issues.", "edition": 7, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : tomcat5 (MDVSA-2008:188)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat5-common-lib", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:mandriva:linux:tomcat5-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-server-lib", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse", "p-cpe:/a:mandriva:linux:tomcat5", "p-cpe:/a:mandriva:linux:tomcat5-webapps", "p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-jasper"], "id": "MANDRIVA_MDVSA-2008-188.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36926", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:188. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36926);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/07/19 20:59:15\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_xref(name:\"MDVSA\", value:\"2008:188\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat5 (MDVSA-2008:188)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Apache Tomcat\nserver :\n\nThe default catalina.policy in the JULI logging component did not\nrestrict certain permissions for web applications which could allow a\nremote attacker to modify logging configuration options and overwrite\narbitrary files (CVE-2007-5342).\n\nA cross-site scripting vulnerability was found in the\nHttpServletResponse.sendError() method which could allow a remote\nattacker to inject arbitrary web script or HTML via forged HTTP\nheaders (CVE-2008-1232).\n\nA cross-site scripting vulnerability was found in the host manager\napplication that could allow a remote attacker to inject arbitrary web\nscript or HTML via the hostname parameter (CVE-2008-1947).\n\nA traversal vulnerability was found when using a RequestDispatcher in\ncombination with a servlet or JSP that could allow a remote attacker\nto utilize a specially crafted request parameter to access protected\nweb resources (CVE-2008-2370).\n\nA traversal vulnerability was found when the 'allowLinking' and\n'URIencoding' settings were actived which could allow a remote\nattacker to use a UTF-8-encoded request to extend their privileges and\nobtain local files accessible to the Tomcat process (CVE-2008-2938).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-27T10:55:58", "references": ["2008:0042-01", "https://www.redhat.com/archives/rhsa-announce/2008-March/msg00005.html"], "pluginID": "870029", "description": "Check for the Version of tomcat", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "RedHat Update for tomcat RHSA-2008:0042-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870029", "id": "OPENVAS:870029", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat RHSA-2008:0042-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is a servlet container for Java Servlet and JavaServer Pages\n technologies.\n\n A directory traversal vulnerability existed in the Apache Tomcat webdav\n servlet. In some configurations it allowed remote authenticated users to\n read files accessible to the local tomcat process. (CVE-2007-5461)\n\n The default security policy in the JULI logging component did not restrict\n access permissions to files. This could be misused by untrusted web\n applications to access and write arbitrary files in the context of the\n tomcat process. (CVE-2007-5342)\n\n Users of Tomcat should update to these errata packages, which contain\n backported patches and are not vulnerable to these issues.\";\n\ntag_affected = \"tomcat on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-March/msg00005.html\");\n script_id(870029);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0042-01\");\n script_cve_id(\"CVE-2007-5461\", \"CVE-2007-5342\");\n script_name( \"RedHat Update for tomcat RHSA-2008:0042-01\");\n\n script_summary(\"Check for the Version of tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-28T18:25:21", "references": ["http://linux.oracle.com/errata/ELSA-2008-0042.html"], "pluginID": "1361412562310122603", "description": "Oracle Linux Local Security Checks ELSA-2008-0042", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-08T00:00:00", "title": "Oracle Linux Local Check: ELSA-2008-0042", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122603", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0042.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122603\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:05 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0042\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0042 - Moderate: tomcat security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0042\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0042.html\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5461\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:39:28", "references": ["2008:0042-01", "https://www.redhat.com/archives/rhsa-announce/2008-March/msg00005.html"], "pluginID": "1361412562310870029", "description": "Check for the Version of tomcat", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat RHSA-2008:0042-01", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870029", "id": "OPENVAS:1361412562310870029", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat RHSA-2008:0042-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is a servlet container for Java Servlet and JavaServer Pages\n technologies.\n\n A directory traversal vulnerability existed in the Apache Tomcat webdav\n servlet. In some configurations it allowed remote authenticated users to\n read files accessible to the local tomcat process. (CVE-2007-5461)\n\n The default security policy in the JULI logging component did not restrict\n access permissions to files. This could be misused by untrusted web\n applications to access and write arbitrary files in the context of the\n tomcat process. (CVE-2007-5342)\n\n Users of Tomcat should update to these errata packages, which contain\n backported patches and are not vulnerable to these issues.\";\n\ntag_affected = \"tomcat on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-March/msg00005.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870029\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0042-01\");\n script_cve_id(\"CVE-2007-5461\", \"CVE-2007-5342\");\n script_name( \"RedHat Update for tomcat RHSA-2008:0042-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.3.0.3.el5_1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:42", "references": [], "pluginID": "60810", "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-10.", "edition": 2, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "Gentoo Security Advisory GLSA 200804-10 (tomcat)", "type": "openvas", "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-0002"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60810", "id": "OPENVAS:60810", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Tomcat may lead to local file overwriting,\nsession hijacking or information disclosure.\";\ntag_solution = \"All Tomcat 5.5.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-5.5.26'\n\nAll Tomcat 6.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.16'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-10\nhttp://bugs.gentoo.org/show_bug.cgi?id=196066\nhttp://bugs.gentoo.org/show_bug.cgi?id=203169\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-10.\";\n\n \n\nif(description)\n{\n script_id(60810);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2008-0002\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200804-10 (tomcat)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"rge 5.5.26\", \"ge 6.0.16\"), vulnerable: make_list(\"lt 6.0.16\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:49", "references": [], "pluginID": "60102", "description": "The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 1447-1.", "edition": 2, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 1447-1 (tomcat5.5)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-3382", "CVE-2007-3386", "CVE-2007-5461", "CVE-2007-3385"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60102", "id": "OPENVAS:60102", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1447_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1447-1 (tomcat5.5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Tomcat\nservlet and JSP engine. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2007-3382\n\nIt was discovered that single quotes (') in cookies were treated\nas a delimiter, which could lead to an information leak.\n\nCVE-2007-3385\n\nIt was discovered that the character sequence \\ in cookies was\nhandled incorrectly, which could lead to an information leak.\n\nCVE-2007-3386\n\nIt was discovered that the host manager servlet performed\ninsufficient input validation, which could lead to cross-site\nscripting.\n\nCVE-2007-5342\n\nIt was discovered that the JULI logging component did not restrict\nits target path, resulting in potential denial of service through\nfile overwrites.\n\nCVE-2007-5461\n\nIt was discovered that the WebDAV servlet is vulnerable to absolute\npath traversal.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.5.20-2etch1.\n\nThe old stable distribution (sarge) doesn't contain tomcat5.5.\n\nThe unstable distribution (sid) will be fixed soon.\n\nWe recommend that you upgrade your tomcat5.5 packages.\";\ntag_summary = \"The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 1447-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201447-1\";\n\n\nif(description)\n{\n script_id(60102);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5342\", \"CVE-2007-5461\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 1447-1 (tomcat5.5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libtomcat5.5-java\", ver:\"5.5.20-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5-webapps\", ver:\"5.5.20-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5\", ver:\"5.5.20-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5-admin\", ver:\"5.5.20-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:56:32", "references": ["2008:188", "http://lists.mandriva.com/security-announce/2008-09/msg00005.php"], "pluginID": "830681", "description": "Check for the Version of tomcat5", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "title": "Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830681", "id": "OPENVAS:830681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Apache\n Tomcat server:\n\n The default catalina.policy in the JULI logging component did not\n restrict certain permissions for web applications which could allow a\n remote attacker to modify logging configuration options and overwrite\n arbitrary files (CVE-2007-5342).\n \n A cross-site scripting vulnerability was found in the\n HttpServletResponse.sendError() method which could allow a remote\n attacker to inject arbitrary web script or HTML via forged HTTP headers\n (CVE-2008-1232).\n \n A cross-site scripting vulnerability was found in the host manager\n application that could allow a remote attacker to inject arbitrary\n web script or HTML via the hostname parameter (CVE-2008-1947).\n \n A traversal vulnerability was found when using a RequestDispatcher in\n combination with a servlet or JSP that could allow a remote attacker\n to utilize a specially-crafted request parameter to access protected\n web resources (CVE-2008-2370).\n \n A traversal vulnerability was found when the 'allowLinking' and\n 'URIencoding' settings were activated which could allow a remote attacker\n to use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process (CVE-2008-2938).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-09/msg00005.php\");\n script_id(830681);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:188\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:39:51", "references": ["2008:188", "http://lists.mandriva.com/security-announce/2008-09/msg00005.php"], "pluginID": "1361412562310830681", "description": "Check for the Version of tomcat5", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "title": "Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830681", "id": "OPENVAS:1361412562310830681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Apache\n Tomcat server:\n\n The default catalina.policy in the JULI logging component did not\n restrict certain permissions for web applications which could allow a\n remote attacker to modify logging configuration options and overwrite\n arbitrary files (CVE-2007-5342).\n \n A cross-site scripting vulnerability was found in the\n HttpServletResponse.sendError() method which could allow a remote\n attacker to inject arbitrary web script or HTML via forged HTTP headers\n (CVE-2008-1232).\n \n A cross-site scripting vulnerability was found in the host manager\n application that could allow a remote attacker to inject arbitrary\n web script or HTML via the hostname parameter (CVE-2008-1947).\n \n A traversal vulnerability was found when using a RequestDispatcher in\n combination with a servlet or JSP that could allow a remote attacker\n to utilize a specially-crafted request parameter to access protected\n web resources (CVE-2008-2370).\n \n A traversal vulnerability was found when the 'allowLinking' and\n 'URIencoding' settings were activated which could allow a remote attacker\n to use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process (CVE-2008-2938).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-09/msg00005.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830681\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:188\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:57:08", "references": ["2008-1467", "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html"], "pluginID": "860524", "description": "Check for the Version of tomcat5", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-16T00:00:00", "title": "Fedora Update for tomcat5 FEDORA-2008-1467", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-1355", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-3386", "CVE-2007-5461", "CVE-2007-6286", "CVE-2007-3385", "CVE-2007-1358", "CVE-2008-0002"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860524", "id": "OPENVAS:860524", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat5 FEDORA-2008-1467\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License. Tomcat is intended to be\n a collaboration of the best-of-breed developers from around the world.\n We invite you to participate in this open development project. To\n learn more about getting involved, click here.\";\n\ntag_affected = \"tomcat5 on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html\");\n script_id(860524);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-1467\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5333\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2007-1355\", \"CVE-2007-3386\", \"CVE-2007-3385\", \"CVE-2007-3382\", \"CVE-2007-2450\", \"CVE-2007-2449\", \"CVE-2007-1358\", \"CVE-2008-0002\");\n script_name( \"Fedora Update for tomcat5 FEDORA-2008-1467\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.26~1jpp.2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:56:00", "references": ["2008-1603", "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html"], "pluginID": "860345", "description": "Check for the Version of tomcat5", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for tomcat5 FEDORA-2008-1603", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-1355", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-3386", "CVE-2007-5461", "CVE-2007-6286", "CVE-2007-3385", "CVE-2007-1358", "CVE-2008-0002"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860345", "id": "OPENVAS:860345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat5 FEDORA-2008-1603\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License. Tomcat is intended to be\n a collaboration of the best-of-breed developers from around the world.\n We invite you to participate in this open development project. To\n learn more about getting involved, click here.\";\n\ntag_affected = \"tomcat5 on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html\");\n script_id(860345);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-1603\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5333\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2007-1355\", \"CVE-2007-3386\", \"CVE-2007-3385\", \"CVE-2007-3382\", \"CVE-2007-2450\", \"CVE-2007-2449\", \"CVE-2007-1358\", \"CVE-2008-0002\");\n script_name( \"Fedora Update for tomcat5 FEDORA-2008-1603\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.26~1jpp.2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:38", "references": [], "pluginID": "136141256231065836", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Websphere Community Edition", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-5613", "CVE-2007-3386", "CVE-2008-2938", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-2370", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-1232", "CVE-2007-5615", "CVE-2008-0002"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065836", "id": "OPENVAS:136141256231065836", "sourceData": "#\n#VID slesp2-websphere-as_ce-5850\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65836\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.0.1~3.3\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:12", "references": ["https://rhn.redhat.com/errata/RHSA-2008-0042.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-jsp-2.0-api", "packageFilename": "tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "any", "packageName": "tomcat5", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "any", "packageName": "tomcat5", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-server-lib", "packageFilename": "tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-jsp-2.0-api", "packageFilename": "tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-admin-webapps", "packageFilename": "tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-servlet-2.4-api", "packageFilename": "tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-jasper", "packageFilename": "tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-jasper-javadoc", "packageFilename": "tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-common-lib", "packageFilename": "tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5", "packageFilename": "tomcat5-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-jasper-javadoc", "packageFilename": "tomcat5-jasper-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-webapps", "packageFilename": "tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-servlet-2.4-api-javadoc", "packageFilename": "tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-admin-webapps", "packageFilename": "tomcat5-admin-webapps-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-server-lib", "packageFilename": "tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-webapps", "packageFilename": "tomcat5-webapps-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-servlet-2.4-api", "packageFilename": "tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-jasper", "packageFilename": "tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-jsp-2.0-api-javadoc", "packageFilename": "tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-servlet-2.4-api-javadoc", "packageFilename": "tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-common-lib", "packageFilename": "tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "x86_64", "packageName": "tomcat5-jsp-2.0-api-javadoc", "packageFilename": "tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.3.0.3.el5_1.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2008:0042\n\n\nTomcat is a servlet container for Java Servlet and JavaServer Pages\r\ntechnologies.\r\n\r\nA directory traversal vulnerability existed in the Apache Tomcat webdav\r\nservlet. In some configurations it allowed remote authenticated users to\r\nread files accessible to the local tomcat process. (CVE-2007-5461)\r\n\r\nThe default security policy in the JULI logging component did not restrict\r\naccess permissions to files. This could be misused by untrusted web\r\napplications to access and write arbitrary files in the context of the\r\ntomcat process. (CVE-2007-5342)\r\n\r\nUsers of Tomcat should update to these errata packages, which contain\r\nbackported patches and are not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-March/014764.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-March/014765.html\n\n**Affected packages:**\ntomcat5\ntomcat5-admin-webapps\ntomcat5-common-lib\ntomcat5-jasper\ntomcat5-jasper-javadoc\ntomcat5-jsp-2.0-api\ntomcat5-jsp-2.0-api-javadoc\ntomcat5-server-lib\ntomcat5-servlet-2.4-api\ntomcat5-servlet-2.4-api-javadoc\ntomcat5-webapps\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0042.html", "edition": 1, "reporter": "CentOS Project", "published": "2008-03-19T00:04:06", "title": "tomcat5 security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "modified": "2008-03-19T00:04:06", "href": "http://lists.centos.org/pipermail/centos-announce/2008-March/014764.html", "id": "CESA-2008:0042", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "redhat": [{"lastseen": "2018-12-11T17:42:01", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.2-3.SP9.0jpp.ep1.2.el5", "arch": "noarch", "packageName": "jboss-remoting", "packageFilename": "jboss-remoting-2.2.2-3.SP9.0jpp.ep1.2.el5.noarch.rpm", "operator": "lt"}], "description": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP01.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section.\n\nThe following security issues are also fixed with this release: \n\nThe default security policy in the JULI logging component did not restrict\naccess permissions to files. This could be misused by untrusted web\napplications to access and write arbitrary files in the context of the\ntomcat process. (CVE-2007-5342)\n\nThe property that controls the download of server classes was set to \"true\"\nin the \"production\" configuration. When the class download service is bound\nto an external interface, a remote attacker was able to download arbitrary\nclass files from the server class path. (CVE-2008-3519)\n\nWarning: before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages, which resolve these issues.", "reporter": "RedHat", "published": "2008-09-22T04:00:00", "type": "redhat", "title": "(RHSA-2008:0832) Low: JBoss Enterprise Application Platform 4.3.0CP02 security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2008-3519"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2016-04-04T18:31:06", "id": "RHSA-2008:0832", "href": "https://access.redhat.com/errata/RHSA-2008:0832", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T17:45:20", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.5.23-0jpp.3.0.3.el5_1", "arch": "i386", "packageName": "tomcat5-jsp-2.0-api", "packageFilename": "tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1.i386.rpm", "operator": "lt"}], "description": "Tomcat is a servlet container for Java Servlet and JavaServer Pages\r\ntechnologies.\r\n\r\nA directory traversal vulnerability existed in the Apache Tomcat webdav\r\nservlet. In some configurations it allowed remote authenticated users to\r\nread files accessible to the local tomcat process. (CVE-2007-5461)\r\n\r\nThe default security policy in the JULI logging component did not restrict\r\naccess permissions to files. This could be misused by untrusted web\r\napplications to access and write arbitrary files in the context of the\r\ntomcat process. (CVE-2007-5342)\r\n\r\nUsers of Tomcat should update to these errata packages, which contain\r\nbackported patches and are not vulnerable to these issues.", "reporter": "RedHat", "published": "2008-03-11T04:00:00", "type": "redhat", "title": "(RHSA-2008:0042) Moderate: tomcat security update", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-5461"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:20:08", "id": "RHSA-2008:0042", "href": "https://access.redhat.com/errata/RHSA-2008:0042", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T17:42:34", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "5.5.23-0jpp_11rh", "arch": "noarch", "packageName": "tomcat5-server-lib", "packageFilename": "tomcat5-server-lib-5.5.23-0jpp_11rh.noarch.rpm", "operator": "lt"}], "description": "Tomcat is a servlet container for Java Servlet and Java Server Pages\r\ntechnologies.\r\n\r\nTomcat was found treating single quote characters -- ' -- as delimiters in\r\ncookies. This could allow remote attackers to obtain sensitive information,\r\nsuch as session IDs, for session hijacking attacks (CVE-2007-3382).\r\n\r\nIt was reported Tomcat did not properly handle the following character\r\nsequence in a cookie: \\\" (a backslash followed by a double-quote). It was\r\npossible remote attackers could use this failure to obtain sensitive\r\ninformation, such as session IDs, for session hijacking attacks\r\n(CVE-2007-3385).\r\n\r\nA directory traversal vulnerability existed in the Apache Tomcat webdav\r\nservlet. This allowed remote attackers to remote authenticated users to\r\nread accessible to the local user running the tomcat process (CVE-2007-5461).\r\n\r\nThe default security policy in the JULI logging component did not restrict\r\naccess permissions to files. This could be misused by untrusted web\r\napplications to access and write arbitrary files in the context of the\r\ntomcat process (CVE-2007-5342).\r\n\r\nUsers of Tomcat should update to these erratum packages, which contain\r\nbackported patches and are not vulnerable to these issues.", "reporter": "RedHat", "published": "2008-04-28T04:00:00", "type": "redhat", "title": "(RHSA-2008:0195) Moderate: tomcat security update", "enchantments": {"score": {"modified": "2018-12-11T17:42:34", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-3382", "CVE-2007-3385", "CVE-2007-5342", "CVE-2007-5461"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-03T23:42:03", "id": "RHSA-2008:0195", "href": "https://access.redhat.com/errata/RHSA-2008:0195", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T17:43:03", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "5.5.23-0jpp_4rh.9", "arch": "noarch", "packageName": "tomcat5-jsp-2.0-api-javadoc", "packageFilename": "tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm", "operator": "lt"}], "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nThe default security policy in the JULI logging component did not restrict\naccess permissions to files. This could be misused by untrusted web\napplications to access and write arbitrary files in the context of the\nTomcat process. (CVE-2007-5342)\n\nA directory traversal vulnerability was discovered in the Apache Tomcat\nwebdav servlet. Under certain configurations, this allowed remote,\nauthenticated users to read files accessible to the local Tomcat process.\n(CVE-2007-5461)\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host\nmanager application. A remote attacker could inject arbitrary web script or\nHTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the Tomcat process. (CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "reporter": "RedHat", "published": "2008-10-02T04:00:00", "type": "redhat", "title": "(RHSA-2008:0862) Important: tomcat security update", "enchantments": {"score": {"modified": "2018-12-11T17:43:03", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-5461", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-03T23:41:53", "id": "RHSA-2008:0862", "href": "https://access.redhat.com/errata/RHSA-2008:0862", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:26", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "4", "packageVersion": "5.5.20-2etch1", "arch": "all", "packageFilename": "tomcat5.5-webapps_5.5.20-2etch1_all.deb", "packageName": "tomcat5.5-webapps", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.5.20-2etch1", "arch": "all", "packageFilename": "tomcat5.5_5.5.20-2etch1_all.deb", "packageName": "tomcat5.5", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.5.20-2etch1", "arch": "all", "packageFilename": "libtomcat5.5-java_5.5.20-2etch1_all.deb", "packageName": "libtomcat5.5-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.5.20-2etch1", "arch": "all", "packageFilename": "tomcat5.5-admin_5.5.20-2etch1_all.deb", "packageName": "tomcat5.5-admin", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1447-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 03, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : tomcat5.5\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 CVE-2007-5342 CVE-2007-5461\n\nSeveral remote vulnerabilities have been discovered in the Tomcat\nservlet and JSP engine. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2007-3382\n\n It was discovered that single quotes (') in cookies were treated\n as a delimiter, which could lead to an information leak.\n\nCVE-2007-3385\n\n It was discovered that the character sequence \\" in cookies was\n handled incorrectly, which could lead to an information leak.\n\nCVE-2007-3386\n \n It was discovered that the host manager servlet performed\n insufficient input validation, which could lead to cross-site\n scripting.\n\nCVE-2007-5342\n\n It was discovered that the JULI logging component did not restrict\n its target path, resulting in potential denial of service through\n file overwrites.\n\nCVE-2007-5461\n\n It was discovered that the WebDAV servlet is vulnerable to absolute\n path traversal.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.5.20-2etch1.\n\nThe old stable distribution (sarge) doesn't contain tomcat5.5.\n\nThe unstable distribution (sid) will be fixed soon.\n\nWe recommend that you upgrade your tomcat5.5 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5_5.5.20.orig.tar.gz\n Size/MD5 checksum: 4796377 5775bae8fac16a0e3a2c913c4768bb37\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5_5.5.20-2etch1.dsc\n Size/MD5 checksum: 1277 c2193e917dd759a50b8481177bfcef39\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5_5.5.20-2etch1.diff.gz\n Size/MD5 checksum: 28422 6df1691cbea55b10e2d2d865b4b2983a\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/t/tomcat5.5/libtomcat5.5-java_5.5.20-2etch1_all.deb\n Size/MD5 checksum: 2385530 5f6482d73f7507b5f2f050ea825ee800\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5-webapps_5.5.20-2etch1_all.deb\n Size/MD5 checksum: 1472296 4bc554684655794b1d82db2160d67bea\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5_5.5.20-2etch1_all.deb\n Size/MD5 checksum: 56744 a1de64bb115d03c4d33c28065e0c793a\n http://security.debian.org/pool/updates/main/t/tomcat5.5/tomcat5.5-admin_5.5.20-2etch1_all.deb\n Size/MD5 checksum: 1162332 ab90aab000037913260361eec812c573\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2008-01-03T21:55:47", "title": "[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:26", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-3382", "CVE-2007-3386", "CVE-2007-5461", "CVE-2007-3385"], "modified": "2008-01-03T21:55:47", "id": "DEBIAN:DSA-1447-1:D5F9E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00004.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:06", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333", "https://bugs.gentoo.org/show_bug.cgi?id=196066", "https://bugs.gentoo.org/show_bug.cgi?id=203169", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "6.0.16", "packageFilename": "UNKNOWN", "packageName": "www-servers/tomcat", "arch": "all", "operator": "lt"}], "description": "### Background\n\nTomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. \n\n### Description\n\nThe following vulnerabilities were reported: \n\n * Delian Krustev discovered that the JULI logging component does not properly enforce access restrictions, allowing web application to add or overwrite files (CVE-2007-5342).\n * When the native APR connector is used, Tomcat does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of a duplicate copy of one of the recent requests (CVE-2007-6286).\n * If the processing or parameters is interrupted, i.e. by an exception, then it is possible for the parameters to be processed as part of later request (CVE-2008-0002).\n * An absolute path traversal vulnerability exists due to the way that WebDAV write requests are handled (CVE-2007-5461).\n * Tomcat does not properly handle double quote (\") characters or %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks (CVE-2007-5333).\n\n### Impact\n\nThese vulnerabilities can be exploited by: \n\n * a malicious web application to add or overwrite files with the permissions of the user running Tomcat. \n * a remote attacker to conduct session hijacking or disclose sensitive data. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Tomcat 5.5.x users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/tomcat-5.5.26\"\n\nAll Tomcat 6.0.x users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/tomcat-6.0.16\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2008-04-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "Tomcat: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-0002"], "modified": "2009-05-28T00:00:00", "id": "GLSA-200804-10", "href": "https://security.gentoo.org/glsa/200804-10", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "vmware": [{"lastseen": "2018-09-02T02:40:42", "references": [], "affectedPackage": [{"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-200806404-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX-1006360", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "Update 2 build 104263", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Virtual-", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX-1004823", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX303-200808407-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "any", "OSVersion": "any", "packageVersion": "", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Center", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "Update5 build 104182", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Virtual-", "operator": "lt"}], "description": " \nESX patches and updates for VirtualCenter fix the following \napplication vulnerabilities.\n", "edition": 3, "reporter": "VMware", "published": "2008-06-16T00:00:00", "title": "Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter", "type": "vmware", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2008-1191", "CVE-2007-5333", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-0657", "CVE-2008-1185", "CVE-2007-5237", "CVE-2008-1196", "CVE-2007-5461", "CVE-2007-5236", "CVE-2007-6286", "CVE-2008-1190", "CVE-2008-1187", "CVE-2007-5689", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2008-08-29T00:00:00", "id": "VMSA-2008-0010", "href": "https://www.vmware.com/security/advisories/VMSA-2008-0010.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T02:40:38", "references": [], "affectedPackage": [{"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911233-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-201002407-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "2.5.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX303-201002205-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-201002404-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX303-201002204-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "Update 6", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "VirtualCenter", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "3.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "2.0.2", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "VirtualCenter", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-201003403-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX303-201002206-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911201-UG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "any", "OSVersion": "any", "packageVersion": "2.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Server", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911223-UG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "any", "OSVersion": "any", "packageVersion": "2.x", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Server", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "3.0.3", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911238-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "Redhat", "OSVersion": "5", "packageVersion": "Patch 2", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vMA", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXe350-201002401-O-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911237-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-201002402-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911235-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "Update 1", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911234-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi400-200911201-UG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-200911232-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}], "description": "a. JRE Security Update \n \nJRE update to version 1.5.0_20, which addresses multiple security \nissues that existed in earlier releases of JRE. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, \nCVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, \nCVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, \nCVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, \nCVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, \nCVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, \nCVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 3, "reporter": "VMware", "published": "2009-11-20T00:00:00", "title": "VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.", "type": "vmware", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-2052", "CVE-2009-1095", "CVE-2009-1093", "CVE-2009-1104", "CVE-2009-1096", "CVE-2009-2670", "CVE-2009-1895", "CVE-2009-2692", "CVE-2009-1099", "CVE-2009-2716", "CVE-2009-2417", "CVE-2008-1721", "CVE-2009-1097", "CVE-2008-3143", "CVE-2009-2414", "CVE-2008-4864", "CVE-2009-1385", "CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0033", "CVE-2009-2723", "CVE-2009-2718", "CVE-2007-5333", "CVE-2009-0675", "CVE-2009-0747", "CVE-2009-0787", "CVE-2009-2416", "CVE-2008-4307", "CVE-2009-0696", "CVE-2009-2722", "CVE-2007-4965", "CVE-2009-0746", "CVE-2009-0580", "CVE-2009-2698", "CVE-2009-0028", "CVE-2009-2720", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-2625", "CVE-2008-1947", "CVE-2009-0778", "CVE-2009-2673", "CVE-2009-1100", "CVE-2008-3144", "CVE-2009-1072", "CVE-2009-0322", "CVE-2009-0159", "CVE-2009-0676", "CVE-2009-1192", "CVE-2009-1098", "CVE-2009-1094", "CVE-2009-0745", "CVE-2007-5461", "CVE-2008-3142", "CVE-2009-2407", "CVE-2009-1106", "CVE-2009-1337", "CVE-2009-1103", "CVE-2007-5966", "CVE-2009-1388", "CVE-2009-0783", "CVE-2009-0269", "CVE-2007-6286", "CVE-2009-2724", "CVE-2009-1389", "CVE-2008-2370", "CVE-2009-0834", "CVE-2009-1633", "CVE-2008-2315", "CVE-2009-0748", "CVE-2009-1101", "CVE-2009-2406", "CVE-2009-1439", "CVE-2009-1336", "CVE-2009-2848", "CVE-2009-1252", "CVE-2008-1887", "CVE-2009-1107", "CVE-2009-2671", "CVE-2008-1232", "CVE-2008-5031", "CVE-2009-1102", "CVE-2009-1630", "CVE-2009-2672", "CVE-2009-2847", "CVE-2009-2719", "CVE-2009-2676", "CVE-2009-1105", "CVE-2009-2721", "CVE-2009-2675", "CVE-2008-0002"], "modified": "2010-03-29T00:00:00", "id": "VMSA-2009-0016", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0016.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
