DATABASE RESOURCES PRICING ABOUT US

{"id": "B5810DD31544DECD338CCD71F5C05C78B267068FE3FD01928B5545B05BEE5FA0", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator", "description": "## Summary\n\nIBM Sterling B2B Integrator has integrated multiple security vulnerability fixes from Apache Log4j, please see list of CVEs for vulnerability details\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2017-5645](<https://vulners.com/cve/CVE-2017-5645>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an error when using the TCP socket server or UDP socket server to receive serialized log events from another application. By deserializing a specially crafted binary payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127479](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127479>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2010-1157](<https://vulners.com/cve/CVE-2010-1157>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error related to the generation of a realm name when one isn't specified for a web.xml application. A remote attacker could exploit this vulnerability using the WWW-Authenticate header to obtain the IP address or local hostname of the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/58055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/58055>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2010-2227](<https://vulners.com/cve/CVE-2010-2227>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by multiple flaws when handling Transfer-Encoding headers that prevents a buffer from recycling. By sending a specially-crafted request in a Transfer-Encoding header, a remote attacker could exploit this vulnerability to trigger the failure of subsequent requests or information leaks between the requests. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/60264](<https://exchange.xforce.ibmcloud.com/vulnerabilities/60264>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P) \n \n** CVEID: **[CVE-2010-4172](<https://vulners.com/cve/CVE-2010-4172>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the sessionsList.jsp script. A remote attacker could exploit this vulnerability using the sort or orderby parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/63422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/63422>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2010-4312](<https://vulners.com/cve/CVE-2010-4312>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to hijack a valid user's session, caused by a missing HttpOnly mechanism flag in a Set-Cookie header. By persuading a victim to visit a specially-crafted link and log into the application, a remote attacker could exploit this vulnerability to hijack another user's account and possibly launch further attacks on the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/63477](<https://exchange.xforce.ibmcloud.com/vulnerabilities/63477>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2010-3718](<https://vulners.com/cve/CVE-2010-3718>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the ServletContect attribute being improperly restricted to read-only setting. An attacker could exploit this vulnerability to gain unauthorized read and write access to the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/65159](<https://exchange.xforce.ibmcloud.com/vulnerabilities/65159>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2011-0534](<https://vulners.com/cve/CVE-2011-0534>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an error in the NIO connector when processing a request line. By sending a specially-crafted request, a remote attacker could exploit the vulnerability to cause an OutOfMemory error and crash the server. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/65162](<https://exchange.xforce.ibmcloud.com/vulnerabilities/65162>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2011-0013](<https://vulners.com/cve/CVE-2011-0013>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by when displaying web application data. A remote attacker could exploit this vulnerability using the HTML Manager interface to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/65160](<https://exchange.xforce.ibmcloud.com/vulnerabilities/65160>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2011-2526](<https://vulners.com/cve/CVE-2011-2526>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper validation of request attributes by sendfile. A remote attacker could exploit this vulnerability to obtain sensitive information and cause the JVM to crash. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/68541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/68541>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P) \n \n** CVEID: **[CVE-2011-3190](<https://vulners.com/cve/CVE-2011-3190>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the improper handling of messages by the AJP protocol. A remote attacker could exploit this vulnerability to inject arbitrary AJP messages to bypass the authentication process and possibly obtain sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/69472](<https://exchange.xforce.ibmcloud.com/vulnerabilities/69472>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2011-4858](<https://vulners.com/cve/CVE-2011-4858>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by insufficient randomization of hash data structures. By sending multiple specially-crafted HTTP POST requests to an affected application containing conflicting hash key values, a remote attacker could exploit this vulnerability to cause the consumption of CPU resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72016](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72016>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2011-1184](<https://vulners.com/cve/CVE-2011-1184>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by multiple errors related to the implementation of HTTP DIGEST authentication. A remote attacker could exploit this vulnerability to perform unauthorized actions. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/70052](<https://exchange.xforce.ibmcloud.com/vulnerabilities/70052>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2011-5063](<https://vulners.com/cve/CVE-2011-5063>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the failure to check realm values by the HTTP Digest Access Authentication implementation. A remote attacker could exploit this vulnerability to bypass security restrictions. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72437](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72437>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2012-2733](<https://vulners.com/cve/CVE-2012-2733>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by the improper verification of the request headers by the parseHeaders() function. A remote attacker could exploit this vulnerability using specially-crafted headers to cause an out-of-memory exception. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79806](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79806>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2011-5064](<https://vulners.com/cve/CVE-2011-5064>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of Catalina as the hard-coded private key by DigestAuthenticator.java within the HTTP Digest Access Authentication implementation. A remote attacker could exploit this vulnerability to bypass cryptographic protection mechanisms. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72438](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72438>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2012-0022](<https://vulners.com/cve/CVE-2012-0022>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of an overly large number of parameter and parameter values. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume an overly large amount of CPU resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72425>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2011-5062](<https://vulners.com/cve/CVE-2011-5062>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the failure to check qop values by the HTTP Digest Access Authentication implementation. A remote attacker could exploit this vulnerability to bypass intended integrity-protection requirements. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72436>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2012-5885](<https://vulners.com/cve/CVE-2012-5885>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the tracking of cnonce values instead of nonce and nc values by the replay-countermeasure functionality in the HTTP Digest Access Authentication implementation. By sniffing the network, a remote attacker could exploit this vulnerability to bypass security restrictions. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/80408](<https://exchange.xforce.ibmcloud.com/vulnerabilities/80408>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-5886](<https://vulners.com/cve/CVE-2012-5886>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the caching of information about the authenticated user within the session state by the HTTP Digest Access Authentication implementation. A remote attacker could exploit this vulnerability to bypass security restrictions. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/80407](<https://exchange.xforce.ibmcloud.com/vulnerabilities/80407>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-5887](<https://vulners.com/cve/CVE-2012-5887>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the failure to properly check server nonces by the DIGEST authentication mechanism. A remote attacker could exploit this vulnerability to gain unauthorized access to the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79809](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79809>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-3546](<https://vulners.com/cve/CVE-2012-3546>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by an error in the FormAuthenticator component during FORM authentication. By leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI, an attacker could exploit his vulnerability to bypass the authentication mechanism and gain unauthorized access to the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/80517](<https://exchange.xforce.ibmcloud.com/vulnerabilities/80517>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-4431](<https://vulners.com/cve/CVE-2012-4431>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by an error in the doFilter() method. By sending a specially-crafted request to a protected source without a session identifier present in the request, an attacker could exploit this vulnerability to bypass the CSRF prevention filter and gain unauthorized access to the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/80518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/80518>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-4534](<https://vulners.com/cve/CVE-2012-4534>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an error when using the NIO connector with sendfile and HTTPS enabled. A remote attacker could exploit this vulnerability to cause the application to enter an infinite loop and consume all available CPU resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/80516](<https://exchange.xforce.ibmcloud.com/vulnerabilities/80516>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2012-3544](<https://vulners.com/cve/CVE-2012-3544>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by the failure to properly handle chunk extensions in chunked transfer coding. By streaming data, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/84952](<https://exchange.xforce.ibmcloud.com/vulnerabilities/84952>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2013-2067](<https://vulners.com/cve/CVE-2013-2067>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to hijack a valid user's session, caused by the improper validation of session cookies by the FormAuthenticator module. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to hijack another user's session and possibly launch further attacks on the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/84154](<https://exchange.xforce.ibmcloud.com/vulnerabilities/84154>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2013-2185](<https://vulners.com/cve/CVE-2013-2185>) \n** DESCRIPTION: **Red Hat JBoss Enterprise Application Platform could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the implementation of the DiskFileItem class. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability using serialized instance of the DiskFileItem class to upload a file containing a NULL byte, which could allow the attacker to execute arbitrary PHP code on the vulnerable system. \nCVSS Base score: 6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/87273](<https://exchange.xforce.ibmcloud.com/vulnerabilities/87273>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2013-4286](<https://vulners.com/cve/CVE-2013-4286>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling, caused by an incomplete fix related to the handling of malicious request. By sending a specially-crafted request in a Transfer-Encoding: chunked header and a Content-length header to the Apache HTTP server that will be reassembled with the original Content-Length header value, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/91426](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91426>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2013-4322](<https://vulners.com/cve/CVE-2013-4322>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an incomplete fix related to the processing of chunked transfer coding without properly handling a large total amount of chunked data or whitespace characters in an HTTP header value. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/91625](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91625>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2013-4590](<https://vulners.com/cve/CVE-2013-4590>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when running untrusted web applications. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/91424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91424>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2014-0075](<https://vulners.com/cve/CVE-2014-0075>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an integer overflow in the parseChunkHeader function. A remote attacker could exploit this vulnerability using a malformed chunk size as part of a chunked request to consume all available resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/93365](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93365>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2014-0096](<https://vulners.com/cve/CVE-2014-0096>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data by the default server. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/93367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93367>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2014-0099](<https://vulners.com/cve/CVE-2014-0099>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to check for overflows when parsing content length headers. By sending specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/93369](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93369>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2014-0119](<https://vulners.com/cve/CVE-2014-0119>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the replacement of the XML parsers used to process XSLTs for the default servlet. An attacker could exploit this vulnerability using a specially-crafted application to obtain sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/93368](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93368>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2013-4444](<https://vulners.com/cve/CVE-2013-4444>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the File Upload feature. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious JSP, which could allow the attacker to execute arbitrary JSP code on the vulnerable system. \nCVSS Base score: 6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95876](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95876>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2014-0227](<https://vulners.com/cve/CVE-2014-0227>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling. A remote attacker could send a specially-crafted request in a malformed chunked header to the Web server to cause multiple processing conflicts on the servers. An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/100751](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100751>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2014-0230](<https://vulners.com/cve/CVE-2014-0230>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an error when an HTTP response is returned before the entire request body is fully read. An attacker could exploit this vulnerability using a series of aborted upload attempts to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/102131](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102131>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2014-7810](<https://vulners.com/cve/CVE-2014-7810>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103155>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2015-5174](<https://vulners.com/cve/CVE-2015-5174>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) in the getResource(), getResourceAsStream() and getResourcePaths() ServletContext methods to obtain a directory listing for the directory. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110860](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110860>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-5345](<https://vulners.com/cve/CVE-2015-5345>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110857>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-0706](<https://vulners.com/cve/CVE-2016-0706>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the loading of the StatusManagerServlet during the configuration of a security manager. An attacker could exploit this vulnerability to obtain deployed applications and other sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-0714](<https://vulners.com/cve/CVE-2016-0714>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by an error in multiple session persistence mechanisms. By placing a malicious object into a session, an attacker could exploit this vulnerability to bypass a security manager and possibly execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-6816](<https://vulners.com/cve/CVE-2016-6816>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119158](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-5647](<https://vulners.com/cve/CVE-2017-5647>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error in the processing of pipelined requests in send file. An attacker could exploit this vulnerability to obtain sensitive information from the wrong response. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124400](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124400>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>) \n** DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118407](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>) \n** DESCRIPTION: **Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118406](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>) \n** DESCRIPTION: **Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118405](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>) \n** DESCRIPTION: **Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118404](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8022](<https://vulners.com/cve/CVE-2020-8022>) \n** DESCRIPTION: **tomcat package for openSUSE could allow a local authenticated attacker to gain elevated privileges on the system, caused by an incorrect default permission flaw. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| APAR(s)| Version(s) \n---|---|--- \nIBM Sterling B2B Integrator| IT37848| 5.2.0.0 - 6.0.3.4 \nIBM Sterling B2B Integrator| IT37848| 6.1.0.0 - 6.1.0.3 \n \n\n\n## Remediation/Fixes\n\nProduct &amp; Version| Remediation &amp; Fix \n---|--- \n5.2.0.0 - 6.0.3.4| Apply IBM Sterling B2B Integrator version 6.0.3.5 or 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.1.0.0 - 6.1.0.3| Apply IBM Sterling B2B Integrator version 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2021-10-06T14:56:49", "modified": "2021-10-06T14:56:49", "epss": [{"cve": "CVE-2010-1157", "epss": 0.12442, "percentile": 0.94581, "modified": "2023-06-06"}, {"cve": "CVE-2010-2227", "epss": 0.47156, "percentile": 0.96905, "modified": "2023-06-06"}, {"cve": "CVE-2010-3718", "epss": 0.0024, "percentile": 0.60656, "modified": "2023-06-06"}, {"cve": "CVE-2010-4172", "epss": 0.01116, "percentile": 0.82504, "modified": "2023-06-06"}, {"cve": "CVE-2010-4312", "epss": 0.00203, "percentile": 0.56887, "modified": "2023-06-06"}, {"cve": "CVE-2011-0013", "epss": 0.0012, "percentile": 0.44983, "modified": "2023-06-07"}, {"cve": "CVE-2011-0534", "epss": 0.01214, "percentile": 0.83333, "modified": "2023-06-07"}, {"cve": "CVE-2011-1184", "epss": 0.00181, "percentile": 0.53961, "modified": "2023-06-06"}, {"cve": "CVE-2011-2526", "epss": 0.00046, "percentile": 0.14084, "modified": "2023-06-06"}, {"cve": "CVE-2011-3190", "epss": 0.00573, "percentile": 0.74777, "modified": "2023-06-06"}, {"cve": "CVE-2011-4858", "epss": 0.71306, "percentile": 0.9758, "modified": "2023-06-06"}, {"cve": "CVE-2011-5062", "epss": 0.00181, "percentile": 0.53961, "modified": "2023-06-06"}, {"cve": "CVE-2011-5063", "epss": 0.003, "percentile": 0.65049, "modified": "2023-06-06"}, {"cve": "CVE-2011-5064", "epss": 0.00267, "percentile": 0.62919, "modified": "2023-06-06"}, {"cve": "CVE-2012-0022", "epss": 0.11, "percentile": 0.94277, "modified": "2023-06-07"}, {"cve": "CVE-2012-2733", "epss": 0.08975, "percentile": 0.93688, "modified": "2023-06-06"}, {"cve": "CVE-2012-3544", "epss": 0.93397, "percentile": 0.98634, "modified": "2023-06-06"}, {"cve": "CVE-2012-3546", "epss": 0.0029, "percentile": 0.64523, "modified": "2023-06-06"}, {"cve": "CVE-2012-4431", "epss": 0.00278, "percentile": 0.63644, "modified": "2023-06-06"}, {"cve": "CVE-2012-4534", "epss": 0.92371, "percentile": 0.98484, "modified": "2023-06-06"}, {"cve": "CVE-2012-5885", "epss": 0.0017, "percentile": 0.52817, "modified": "2023-06-06"}, {"cve": "CVE-2012-5886", "epss": 0.00338, "percentile": 0.67151, "modified": "2023-06-06"}, {"cve": "CVE-2012-5887", "epss": 0.00338, "percentile": 0.67151, "modified": "2023-06-06"}, {"cve": "CVE-2013-2067", "epss": 0.0098, "percentile": 0.81263, "modified": "2023-06-06"}, {"cve": "CVE-2013-2185", "epss": 0.00265, "percentile": 0.62719, "modified": "2023-06-06"}, {"cve": "CVE-2013-4286", "epss": 0.00525, "percentile": 0.73613, "modified": "2023-06-06"}, {"cve": "CVE-2013-4322", "epss": 0.94941, "percentile": 0.98907, "modified": "2023-06-06"}, {"cve": "CVE-2013-4444", "epss": 0.06849, "percentile": 0.92869, "modified": "2023-06-06"}, {"cve": "CVE-2013-4590", "epss": 0.00156, "percentile": 0.50733, "modified": "2023-06-06"}, {"cve": "CVE-2014-0075", "epss": 0.03372, "percentile": 0.9001, "modified": "2023-06-06"}, {"cve": "CVE-2014-0096", "epss": 0.00129, "percentile": 0.46417, "modified": "2023-06-06"}, {"cve": "CVE-2014-0099", "epss": 0.00472, "percentile": 0.72119, "modified": "2023-06-06"}, {"cve": "CVE-2014-0119", "epss": 0.00162, "percentile": 0.51628, "modified": "2023-06-06"}, {"cve": "CVE-2014-0227", "epss": 0.95368, "percentile": 0.99017, "modified": "2023-06-06"}, {"cve": "CVE-2014-0230", "epss": 0.04611, "percentile": 0.9133, "modified": "2023-06-06"}, {"cve": "CVE-2014-7810", "epss": 0.00289, "percentile": 0.64427, "modified": "2023-06-06"}, {"cve": "CVE-2015-5174", "epss": 0.00178, "percentile": 0.53662, "modified": "2023-06-06"}, {"cve": "CVE-2015-5345", "epss": 0.00301, "percentile": 0.65116, "modified": "2023-06-06"}, {"cve": "CVE-2016-0706", "epss": 0.00272, "percentile": 0.63268, "modified": "2023-06-06"}, {"cve": "CVE-2016-0714", "epss": 0.00726, "percentile": 0.7797, "modified": "2023-06-06"}, {"cve": "CVE-2016-0762", "epss": 0.00188, "percentile": 0.55031, "modified": "2023-06-06"}, {"cve": "CVE-2016-5018", "epss": 0.00234, "percentile": 0.60128, "modified": "2023-06-03"}, {"cve": "CVE-2016-6794", "epss": 0.0013, "percentile": 0.46663, "modified": "2023-06-03"}, {"cve": "CVE-2016-6796", "epss": 0.00153, "percentile": 0.50316, "modified": "2023-06-03"}, {"cve": "CVE-2016-6816", "epss": 0.00262, "percentile": 0.62495, "modified": "2023-06-03"}, {"cve": "CVE-2017-5645", "epss": 0.81086, "percentile": 0.97836, "modified": "2023-06-05"}, {"cve": "CVE-2017-5647", "epss": 0.00494, "percentile": 0.7276, "modified": "2023-06-05"}, {"cve": "CVE-2019-17571", "epss": 0.97467, "percentile": 0.9993, "modified": "2023-06-06"}, {"cve": "CVE-2020-8022", "epss": 0.00042, "percentile": 0.05671, "modified": "2023-06-06"}, {"cve": "CVE-2020-9488", "epss": 0.0026, "percentile": 0.62378, "modified": "2023-06-06"}], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/6496741", "reporter": "IBM", "references": [], "cvelist": ["CVE-2010-1157", "CVE-2010-2227", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4312", "CVE-2011-0013", "CVE-2011-0534", "CVE-2011-1184", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022", "CVE-2012-2733", "CVE-2012-3544", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887", "CVE-2013-2067", "CVE-2013-2185", "CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4444", "CVE-2013-4590", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810", "CVE-2015-5174", "CVE-2015-5345", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6816", "CVE-2017-5645", "CVE-2017-5647", "CVE-2019-17571", "CVE-2020-8022", "CVE-2020-9488"], "immutableFields": [], "lastseen": "2023-06-07T14:17:11", "viewCount": 63, "enchantments": {"score": {"value": 10.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "altlinux", "idList": ["418A6225F3E4C13472057C61D8664D1E", "7743550384B85BD49D1C37528CCEF53C"]}, {"type": "amazon", "idList": ["ALAS-2011-025", "ALAS-2014-344", "ALAS-2015-525", "ALAS-2015-526", "ALAS-2015-527", "ALAS-2016-656", "ALAS-2016-657", "ALAS-2016-658", "ALAS-2016-679", "ALAS-2016-680", "ALAS-2016-681", "ALAS-2016-764", "ALAS-2016-776", "ALAS-2016-777", "ALAS-2016-778", "ALAS-2017-810", "ALAS-2017-821", "ALAS-2017-822", "ALAS-2022-1562"]}, {"type": "archlinux", "idList": ["ASA-201505-8", "ASA-201611-22"]}, {"type": "atlassian", "idList": ["ATLASSIAN:BSERV-3475", "ATLASSIAN:CONF-29345", "ATLASSIAN:CONFCLOUD-29345", "ATLASSIAN:CONFSERVER-29345", "ATLASSIAN:CWD-3930", "ATLASSIAN:FE-7344", "ATLASSIAN:JRA-33563", "ATLASSIAN:JRA-59887", "ATLASSIAN:JRACLOUD-33563", "ATLASSIAN:JRASERVER-33563", "ATLASSIAN:JRASERVER-59887", "ATLASSIAN:JRASERVER-64394", "ATLASSIAN:JRASERVER-65102", "BSERV-3475", "CONFSERVER-59549", "CWD-3930", "FE-7344", "JRASERVER-59887", "JRASERVER-64394", "JRASERVER-65102"]}, {"type": "attackerkb", "idList": ["AKB:FB2F65B2-D10B-4622-AEE6-41AAD3C1E6E7"]}, {"type": "centos", "idList": ["CESA-2010:0580", "CESA-2011:1780", "CESA-2011:1845", "CESA-2012:0474", "CESA-2012:0475", "CESA-2013:0623", "CESA-2013:0640", "CESA-2013:0869", "CESA-2013:0964", "CESA-2014:0429", "CESA-2014:0865", "CESA-2014:1034", "CESA-2014:1038", "CESA-2015:0983", "CESA-2015:0991", "CESA-2016:0492", "CESA-2016:2045", "CESA-2016:2046", "CESA-2016:2599", "CESA-2017:0527", "CESA-2017:0935", "CESA-2017:2247", "CESA-2017:2423", "CESA-2017:3080", "CESA-2017:3081"]}, {"type": "cert", "idList": ["VU:930724"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-011", "CPAI-2013-3543", "CPAI-2014-1059", "CPAI-2014-1494", "CPAI-2015-0210", "CPAI-2017-1216", "CPAI-2019-1720"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1DFE9585B9C1AAABE38F2402F4352EFD", "CFOUNDRY:390173E5A22BDA87FAB841184E06944D"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1655843011"]}, {"type": "cve", "idList": ["CVE-2010-1157", "CVE-2010-2227", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4312", "CVE-2011-0013", "CVE-2011-0534", "CVE-2011-1184", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-4084", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022", "CVE-2012-2733", "CVE-2012-3439", "CVE-2012-3544", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887", "CVE-2013-2051", "CVE-2013-2067", "CVE-2013-2185", "CVE-2013-3544", "CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4444", "CVE-2013-4590", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-4286", "CVE-2014-7810", "CVE-2015-5174", "CVE-2015-5345", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6816", "CVE-2017-5645", "CVE-2017-5647", "CVE-2017-6056", "CVE-2019-17571", "CVE-2020-8022", "CVE-2020-9488"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2065-1:517F5", "DEBIAN:DLA-2065-1:5EEFC", "DEBIAN:DLA-232-1:8CB78", "DEBIAN:DLA-2852-1:37D89", "DEBIAN:DLA-435-1:50A71", "DEBIAN:DLA-728-1:A9D65", "DEBIAN:DLA-728-1:ECD0E", "DEBIAN:DLA-729-1:1B0B9", "DEBIAN:DLA-729-1:E931B", "DEBIAN:DLA-746-1:64FA3", "DEBIAN:DLA-746-1:A270A", "DEBIAN:DLA-753-1:4DD3E", "DEBIAN:DLA-753-1:C31B7", "DEBIAN:DLA-779-1:56F21", "DEBIAN:DLA-779-1:8029E", "DEBIAN:DLA-91-1:2D9F3", "DEBIAN:DLA-91-1:C1090", "DEBIAN:DLA-924-1:68694", "DEBIAN:DLA-924-1:83322", "DEBIAN:DLA-924-2:C1101", "DEBIAN:DLA-924-2:CBAD6", "DEBIAN:DSA-2160-1:C8CCD", "DEBIAN:DSA-2207-1:6DF41", "DEBIAN:DSA-2401-1:5C59D", "DEBIAN:DSA-2725-1:3350C", "DEBIAN:DSA-2897-1:13B38", "DEBIAN:DSA-3428-1:EC79D", "DEBIAN:DSA-3447-1:BF5C1", "DEBIAN:DSA-3447-1:CE269", "DEBIAN:DSA-3530-1:6A530", "DEBIAN:DSA-3552-1:E23CF", "DEBIAN:DSA-3609-1:174EB", "DEBIAN:DSA-3720-1:0F2C1", "DEBIAN:DSA-3720-1:B5B38", "DEBIAN:DSA-3721-1:2B54A", "DEBIAN:DSA-3721-1:8336F", "DEBIAN:DSA-3738-1:66970", "DEBIAN:DSA-3738-1:EB221", "DEBIAN:DSA-3739-1:06429", "DEBIAN:DSA-3739-1:1BDAB", "DEBIAN:DSA-3842-1:1036A", "DEBIAN:DSA-3842-1:DA193", "DEBIAN:DSA-3843-1:1AF3C", "DEBIAN:DSA-3843-1:ECCB8", "DEBIAN:DSA-4686-1:A3244", "DEBIAN:DSA-4686-1:EDCC0", "DEBIAN:DSA-5020-1:32A64"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1184", "DEBIANCVE:CVE-2011-2526", "DEBIANCVE:CVE-2011-3190", "DEBIANCVE:CVE-2011-4858", "DEBIANCVE:CVE-2011-5062", "DEBIANCVE:CVE-2011-5063", "DEBIANCVE:CVE-2011-5064", "DEBIANCVE:CVE-2012-0022", "DEBIANCVE:CVE-2012-2733", "DEBIANCVE:CVE-2012-3544", "DEBIANCVE:CVE-2012-3546", "DEBIANCVE:CVE-2012-4431", "DEBIANCVE:CVE-2012-4534", "DEBIANCVE:CVE-2012-5885", "DEBIANCVE:CVE-2012-5886", "DEBIANCVE:CVE-2012-5887", "DEBIANCVE:CVE-2013-2051", "DEBIANCVE:CVE-2013-2067", "DEBIANCVE:CVE-2013-4286", "DEBIANCVE:CVE-2013-4322", "DEBIANCVE:CVE-2013-4444", "DEBIANCVE:CVE-2013-4590", "DEBIANCVE:CVE-2014-0075", "DEBIANCVE:CVE-2014-0096", "DEBIANCVE:CVE-2014-0099", "DEBIANCVE:CVE-2014-0119", "DEBIANCVE:CVE-2014-0227", "DEBIANCVE:CVE-2014-0230", "DEBIANCVE:CVE-2014-7810", "DEBIANCVE:CVE-2015-5174", "DEBIANCVE:CVE-2015-5345", "DEBIANCVE:CVE-2016-0706", "DEBIANCVE:CVE-2016-0714", "DEBIANCVE:CVE-2016-0762", "DEBIANCVE:CVE-2016-5018", "DEBIANCVE:CVE-2016-6794", "DEBIANCVE:CVE-2016-6796", "DEBIANCVE:CVE-2016-6816", "DEBIANCVE:CVE-2017-5645", "DEBIANCVE:CVE-2017-5647", "DEBIANCVE:CVE-2017-6056", "DEBIANCVE:CVE-2019-17571", "DEBIANCVE:CVE-2020-9488"]}, {"type": "exploitdb", "idList": ["EDB-ID:12343", "EDB-ID:18305", "EDB-ID:41783", "EDB-ID:47892"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:093A394113BB59F99F2891210E4279F0", "EXPLOITPACK:1FA29992905DF6DC8A86680F66930B75", "EXPLOITPACK:8932A99CC3BD9DB558A917429D610473", "EXPLOITPACK:B817C3837AAE1BBA6FEB9BABE212CE90"]}, {"type": "f5", "idList": ["F5:K15111130", "F5:K15432", "F5:K16344", "F5:K17123", "F5:K18174924", "F5:K20038622", "F5:K23173103", "F5:K30971148", "F5:K34341852", "F5:K36784855", "F5:K37337112", "F5:K38110373", "F5:K48758740", "F5:K49000195", "F5:K50116122", "F5:K54891070", "F5:K58084500", "F5:K61529042", "F5:K65230547", "SOL15426", "SOL15428", "SOL15429", "SOL15432", "SOL16344", "SOL17123", "SOL30971148", "SOL36784855", "SOL38110373", "SOL50116122", "SOL65230547"]}, {"type": "fedora", "idList": ["FEDORA:0AC1C60C76B5", "FEDORA:0E00C6090BD2", "FEDORA:125286087B00", "FEDORA:1472760748FE", "FEDORA:1DA54604D2A3", "FEDORA:2C5E66075D89", "FEDORA:341EA6057129", "FEDORA:361D5605D56D", "FEDORA:376506075014", "FEDORA:399E16057156", "FEDORA:39E6D2053D", "FEDORA:3F80D6061813", "FEDORA:5CE3221275", "FEDORA:5D9FC21312", "FEDORA:6956921120", "FEDORA:6A09010FBB7", "FEDORA:76CFD605E21F", "FEDORA:7A2FA214FF", "FEDORA:7E5312097C", "FEDORA:8CEB2616D980", "FEDORA:8D209110894", "FEDORA:A413420F2D", "FEDORA:A99066078F69", "FEDORA:C1251110652", "FEDORA:C6B3F60776BE", "FEDORA:EFDAB6050C3B"]}, {"type": "freebsd", "idList": ["0B9AF110-D529-11E6-AE1B-002590263BF5", "134ACAA2-51EF-11E2-8E34-0022156E8794", "1F1124FE-DE5C-11E5-8FA8-14DAE9D210B8", "25E0593D-13C0-11E5-9AFB-3C970E169BC2", "3383E706-4FC3-11DF-83FB-0015587E2CC1", "3AE106E2-D521-11E6-AE1B-002590263BF5", "4CA26574-2A2C-11E2-99C7-00A0D181E71D", "553EC4ED-38D6-11E0-94B1-000C29BA66D2", "7F5CCB1D-439B-11E1-BC16-0023AE8E59F0", "81FC1076-1286-11E4-BEBD-000C2980A9F3", "953911FE-51EF-11E2-8E34-0022156E8794", "F599DFC4-3EC2-11E2-8AE1-001A8056D0B5"]}, {"type": "gentoo", "idList": ["GLSA-201206-24", "GLSA-201412-29", "GLSA-201705-09"]}, {"type": "github", "idList": ["GHSA-28CQ-6RMX-PJQ4", "GHSA-2QRG-X229-3V8Q", "GHSA-2RVF-329F-P99G", "GHSA-3GV7-3H64-78CM", "GHSA-3P86-XGRQ-M6P6", "GHSA-42J3-498Q-M6VP", "GHSA-475F-74WP-PQV5", "GHSA-4C43-CWVX-9CRH", "GHSA-4F7H-9J2X-CMR4", "GHSA-4V3G-G84W-HV7R", "GHSA-6CR4-7C7P-P3XV", "GHSA-6M48-JXWX-76Q7", "GHSA-6QR6-X7JM-X2Q6", "GHSA-6VX3-HR43-CFRH", "GHSA-76VR-72MV-MF3Q", "GHSA-87W9-X2C3-HRJJ", "GHSA-8H2Q-QM9X-55JC", "GHSA-99RF-92V6-CWX4", "GHSA-9GGM-7897-X4MG", "GHSA-9XRJ-439H-62HG", "GHSA-C78G-QWPW-2JGV", "GHSA-FJ6C-PRGJ-GR3R", "GHSA-FXPH-Q3J8-MV87", "GHSA-GC58-V8H3-X2GR", "GHSA-HFFM-FQV4-W27R", "GHSA-JC7P-5R39-9477", "GHSA-JGM2-M5CG-F66G", "GHSA-MV42-PX54-87JW", "GHSA-PRC3-7F44-W48J", "GHSA-PXCX-CXQ8-4MMW", "GHSA-Q9XF-JWR4-V445", "GHSA-QPRX-Q2R7-3RX6", "GHSA-RH8Q-VJGF-GF74", "GHSA-V6C7-8QX5-8GMP", "GHSA-VWQQ-5VRC-XW9H", "GHSA-W6Q7-WW2X-7GM3", "GHSA-WR3M-GW98-MC3J", "GHSA-WXCP-F2C8-X6XV", "GHSA-XH5X-J8JF-PCPX"]}, {"type": "githubexploit", "idList": ["3DFE8091-03AE-565B-A198-BD509784502C", "6083DCC3-CA9C-58A4-9FBC-983DF1E52584", "C2D99D6A-1A8C-5D55-BBB7-34A978AAC642"]}, {"type": "hackerone", "idList": ["H1:244459", "H1:648434"]}, {"type": "ibm", "idList": ["026861C8F37CB442AEB06F08CB67784AB6226E1C2C5830E2D4227D71E9453C5B", "029AA49A507A723A5E4C56429FB5A19F84FFBFB3D81F702E5C7D95F238C49FAF", "06DE81C34BCC037C425D4880FEE00C839756BAEBF07AE79D786A78C384E9210B", "06E5DEE82C960C089994B1110D4E9FB01DCBCB8B65F2F9638E495384F011BF0D", "087CD3B8800A1EB017C933808D8D5E610496ED972CA8243894CB2435705F3CAF", "09C7AA50D5350164A6B5890E17B1CE089731F30FAD86454CBBDB041DA26CCED8", "0AEC3ABCCFB562437ED4141670F5C7C6E096FEFB11D3045A28046C82B784AD9E", "0BBFF5ACCE3BB85B4B009BE1151FB259BD27E60CC9166A10FE3D48B5D6499E15", "0C29FAF85C5EC3892E0C7FC8A3C627A137E252A256F858DFBEEDBE883E306C75", "0C4F91C9AA7E146EDA1AA877B92C4C590E445AC7D2AC0E60ECCE4BA77A47F0EB", "0CF13F8FB4FD77C6593C265FA8F397D0C4324FC1F07F86C436B4937E98B25DBF", "0D1060E5ABDA13ED7B41723370E8EECD9653B01BFAB3E94725DA29BBF5C49458", "0E8555641D8CDA8EC9035ED3EB5F648F408D4DF211176B6798C8D8C65318F3F5", "0F43BB36AD1D0D815B83F74EC5F61DCBB6C382A430E1F7C0D57C2E7E33AC6700", "0F6ED8E3AD312A2820734C8AC75D060FFB6A4BA5AE6F0B7098A31B3452BB6CFC", "105120949BC0CCA8DE1379F674E81CE40B9C51F2D99DA4E967FBCAA179E0FFEA", "119B5A3507435FD3473080875B6B7AF68221D32E82A66EED05FDD9930B10DCD8", "12277D33F023D49A4635EDECB39A0984615C187AFB27843CEEABF15CDF9E0E02", "12951A7E180E72D19BFB63FD83A246813285D33333D44D54231357B4F2632B13", "1409C02B1D07812FF8BC0B202320AD8441505D81CE1403B52DD1807D10185AED", "1455F404660FCFF4574A8636C05189B76DEE7EFC52AAE395C13962E8B14A9830", "1B6B6F798AFCB29081D407FF7387CA748CFEEF00BC950E79BD8FDF3533DED480", "210BE5BCF995033D93AD152A3413E946C87FA9E242CD051D6228488AC0FD790C", "2144A98C6B99B7EB85CE452D9F97E1A8E1038FF69C8DCB9BC1AFE8B706268DC5", "246AE837C8445AA703779C662133545265398BD5CDE8F38537EFB3C06E7731B9", "251C2E34C8D2D4B522AEE3B0D39CBA66F987EC06CBC6FA34ECDC2C96D56F88B7", "251C423177798D75830F3F5802954088E3387B66B51C34FCEA1E4482B6FF4B3F", "277DFEABF06486F72335635DBE961995DC591601976D8D5A79AFEDD4E49FC4E0", "28A18420E3649FDF858FD17E31DB05BBDD69C54F5D7556386C5774F6FC5E065D", "28E0CB5C99EA2D9D29E76348BDEA32969117AF8D0FAE1B64E67CFEE258A643A3", "29DBB9F1E2675C7D11CD51CF8077BB360E608001AE72FD3BD0BEA1D3E8553096", "2A357BC736E420699B8E644429FE72F50245305B75D003CF1E53D2C5C88D84C7", "2D361C1BBDEE23DCFC1E6C5412CD189D08B44927377CE22B91F2955FFD17F14D", "2D7C485C705EF6647EC2ADDB5048FDAE46343DAD18C74DA4CF56006EB314660D", "2DE091CA07117F67C4FD3C61010878CC6DC8E520AC7DB498E6AE9A95138728A3", "2E3576FC9DB523E4FB2CBA935633AE28BB3DCBE18A90FB77A0F3E1112A899144", "2E59BE13E238E4D97B33892C0BB456D62A5C6913F756D4D34620554D57DB715F", "2EFE6F0823C8A2999391498E4D547A11421541651559C159DCFEA60F9B4B126C", "30B97F976830F38EC78A601AC4AF08E5E915E3601910C6A37C3824A2F36E31B8", "31163EC63EEB5A0179912A0BC305EF5FCEB5F7D34DA7DEBB412A6F63DD9E8667", "3155E4C578E235596C383461692E605196F27EF7EBE1510C68AECA994099E83C", "3182625767F77414E4F551A3C35D21062B444542453E79F9D8C2AE1D16DA1DD8", "31CA1967B4ACE475D690E3AA47AC787E52202679AD6B8EBD9D86B9FE71F5E2D3", "3410E09FDCBC57E565C72083D3A630854D64B8490C9907FC7A07113F787F18CE", "3629E8AE86BD50FD71FE5B9A925D7818A407BFF0801CCC4E3F4432D483E9EBE2", "36925FCD99306C01EA66932905F954FF401591329BEF9AA70C7DE926FE9CD481", "3699F8679BBB191A98D9FBCFD8BC4C58C05DF3597BFE29485D69E565EBD20AF0", "37E104987DDBCB98288C981D0121D7E0E9C8345C5AF2BCE774DAAE155427E747", "386212D45D6FE16A001C9C61CDD42F6EB8CCDC69290295BBC8022301F11D2E0D", "38A52946485CDACE22A8567270FB7BCF89D68886DC114C803BECBC70C09308C2", "39E0A8E42AF49F2179F0B050D210E6D8104FD0358E58AD9DC5049A5A5791989D", "3DB1CA9D207806283D828CBB72EB6F3D03978B826B075F379DD5C10EEA352903", "3E0B580256B0433652E3021D4DBF6524952CC4EF609514C4BA279042857CC111", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "3E52F30DE645ED79947372BF790D5DAB4B5FA29866C26DA53811D62A4E0B3206", "3FE63A3F5C5015BF12CBC5431C7DB0BF49847105404A82C433D9F62224F6903F", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "41CB9666A88AE67D4A0558674B8CFDA62F160B6DDCBA3C10576515447887CF12", "425388ECE1ADC07929410BEE459751DFD6F958476D182A188AADBC4797B87839", "42AE91380DCB3B179D17D9079FE0F75521810DC3E151069826D9442130A7A4DC", "42BBBE960A40127CD1F28E4F70B45E60D02F09D9D2C3D9498AFCFB37870D928E", "4372F4097A742A1A4D3F604F34551B67F343309F00B588092BAFB57F73811181", "43FBEEFC31F99AEB119439D6EF39666A16FB655D9FC959B3333EE94D3E086527", "44AB81145F56D1DFCE25BD0377256BF4F249F090106634935902C6B2AB63091D", "4599CC9BFB88F4FC39276A8CABB721FAE0765199AC66526B71A332F8FAE2A39E", "45DA32C663BE23D1E9021CFBC616628C9999944B0A29CBEC2FB3DFC16618B5B6", "4600DBA554745E41F501FBBE617D5F724608BC9E47E4068F06BECF86BAF12804", "46F60ACCF7FBDA61ED671FF543FDEC8EC05154B9EC2B73E8D49C50CC893C99F2", "46FE088816BBFEE72216A2D1696268656632FBC221AF416D29C97A319ABF449D", "470931858A8BD9D9E13E96D18C3E2C11C117B0B7CEBA332522904A90DAA4F57F", "48D229B93A6D5B072BF253625763ACD70C0058A595E371043C58B6100779772B", "4940B87F5703F7E9544553B0D7BB9C6D4A345E898CB001AE7808330D33AEF23C", "4AFD3A67A4B8CE9D6C9AB20CDD1C452DFC4D819A3B4B02701ED03F83C223CCA9", "4C1B4BD646183F61E0D853B48D7B2EB19C68FB801B5EF685455E498D532C80B5", "4CB5AEEB4566C85CB97CB5F4470481A16D1ECBA93395EFF72D6B83CAA77AD1F6", "4CBBE668D09F499CE01B6D51C7657C257DE80683B0A9566FEF039F3B8AD66AAB", "4CE2962069C84188ED5C475A4FF9247D99A8E2652692C99799F35DF8DAE7F96C", "4EA16C484A11E833B1DEB803D6ABABC8ED4970EE9E61B2165CE99AF8625D8A2C", "511182968CEDB172B8730661A03A2F4C78BA383091EEAD7D8936E457AE6A6443", "51AB1F7F50AE2546674F97D246115890E30F6672B86D6D523810D29C5BAE0D62", "527C030C003106EDF08727B98AC10682E8DE0D0F67A43A4BBB5A977ECA249116", "52BCF84201CEBA012FEF5D806CBEB019BE40DA44E167DE103878B677EE8CAFAB", "52BFEC965C91FFF9EB67268FE505ABA82DAD2FDA3420E0AE67F8478C590BB2EA", "55156FCD842A2CC421648C286DB79335E98E88FF88D30BADC857588FB7995139", "55B26E0461C3762CE34B9A024103EA4D7F7AB0CCFFF0990F7B7E24F913809384", "5766B93D2B15888F57EFD7FFA1362F7AB53BAAD5C757CFEF0A19BC56117B916A", "58D7035DF064B900E6A80B25344135DCC32EB18E94CEA1F56B0905778208F45D", "5AF3B361FB96A8C131A75E653F248F2718053AAE3D89201E702452C44DA2BAB9", "5B1BE418E2831820B0634A19CBD0A643514D93D8C77F89174D56B39131B42CC9", "5BBDE78129FEC8626D9A3FA259F12B0C48A3E43B97DC04EDCAF9F91129AA8643", "5DDB5CECEC283344BB3F493BC01FBE017DB8DDFB43CB94DFA49BBFFB5437AC29", "611E0D0AE2D7D77CEB7988BD9450C02851C4DD87B9A71AF1DF286B51B81ADFFC", "64D4A0EFDA44FD634988AA343C6F11362362D7A9EF20EE97010E4B801142F7D3", "6633AEA14C5B5430B41209886E7739DD57F4002A86E88200DD915838C1355A84", "67930E747B920B4F41F064A6F116CD8319E454DCBBBB109E204714964CDA9945", "69C147CB642B39AA3250947FC1868ED542CC9C2C3BED4BA821CAD9BA0F178E84", "6B0A5599577E8CC081B38DC85FFC053A3E597118CD8108314778BA17EC91A265", "6B7DCA3771436A0F45D4564BA66669C2242AA5C9B9F759BE5A29B65838666ACF", "6D6FD3B17FF4E3AEC7C3300A59DF811D1AEFB71253A1B03A9B6D6569C666112F", "6E31851D9DE0A52F22E528C5E433ECB539CEED68D32D67ED5929B43E327DFF84", "6E576C2CB4D4BBA1032374CAD5E52D25D35C49BA3CF8B212C76E104CF2FFB067", "6F9B3E5D97FDBB41059AA8C4DDC3F8C6E337642756FF537C16A61C7599D523B9", "70549CC4BB1FA3369F5BC1EF01770F5CF2D9642AA2B34DE63805694D06A895CC", "70637707AD35FFD7CA24C460E8B9C97FF5600A40305CB32EDECFB2C1C9A98F05", "70F04B9A5CE3FFBC33D36A32D999163F5334E04B121B116CCEE525F5C79AD71C", "710FF5E1CB4D611BE20AFA763A2E55BD61CA0C044D0A9E4193229B1B1B213877", "734FDE9A6D820A5332D7EEFB5A4C4F802ED630CF06944C3F401C528C04ACB9F8", "73DEE30800CCC9325D5F1586487B2795A5B59E4F564CA3DF38C3A192975E9546", "73FC5ECD1151D9AEBD55620913E8369C80A9C8FB69C433075AC1A654ACD4D2F1", "741612F3AECC80521E78432A56565682CCDB1DB3C10D4385E8F9385A93F02D66", "758B7885C4546A819DA2ED0A4B24907EC9FC839D6B58E3B0E48C50FA44C37345", "76ED8A969B89E917406E6428B20653B4CA4683B94EF0C818185ED8F868517B34", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "79F48BEE0E5A2E069BD89DB00CEE2085DF9E0E6BE97901C5D6431550085B5EE6", "7A1D4AFC62D444E93951F6A46CA35876DD42680BFCB9DD562AE0F80A2C338D67", "7A6BB496FE26603B63F0FFBE8159DD77814309FC3C3D3A21AB2E75CCAF01DD1B", "7C5AE0ABE3DD2F1108DD6FF463EF32BB7DC664CA2965E84227C3A1DA4A214E45", "7D29B4909C6BF3ADF472798B711970B396D8FD474F784096D0CD51E0C3DE6E56", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E79C8722B51CD34772D4E6422F113B07D7EBC673CFF21F6F2933AB8FEC145E8", "7ED0FCE37A97F5F651B14591C6C6F1841EBCCDC87C436E30BE88838436EFE01A", "803DBA46CDB186C9A262B2EAEE8B0F59DB6F198CF626A02B8F5D0AC7ABC2F5FA", "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "8325E2E8632F22E10CD653162D8EFC2BD56BD809EC2298B08EF585D287E1CFA8", "83949293D531C3BC38D05B8E11F73860AE63D675A7ACD0FBACD46879F7DFA117", "84087AA294E6E7DCA76C8D50AF7DE9E9EF8858C20BA19B0EFEF838180C5D4262", "858C7CB29A95643000EADA0C1DB3FB5D46EEA8B81788EBA2B778EE7CBE075776", "85F4F9ABC26A141EA4CBD424EA8C33FAF00DCF970AA42D90F5EC572561A224B5", "8649193431A71228BC32B0BD78D31629CEE17377E0FEA3B72BFEBEC9E8B5F648", "86857E58370683CD6F1A7EFD8594D930D4071245BF08AD93E4E74F3BD64C8921", "88CA1A3D2F08416DE8999442085C1CD03030FFCDC9FB134CD449DEB7C5DB7536", "894F89CC3B07BA9115ABB430A1A8243C856F90F0847CE571F11DF1B1D0EA6024", "8A58A1DA760D7C9AA9496CCEB8F8DD3ECEA3B210C20F1C397D073382709059F3", "8A701D48F4091EA51049536F85130BE7D77B829160E8E35B5466F949D90A6C04", "8E52B580FD40A2463235A900C053978088551052E8CED206AAA5FACA17727B55", "8EFB8A654D3536DD4481500A7680D75E0B2A04D2F63C829CAE130B12A35D7ED3", "8F63BC3CF4FFE8E56809705C71F9763152D76451EDAADBD199902983B8AC2975", "906B64791AA71F432F14BB58CCAEE6A9622AD741C3E459C5C2594F4C546B7BA9", "916289CD5D9C8E5E33D7DE91CC4F8F7F5D561CF5D9EE0270AA10F98B4F8E11B1", "91D7C6C9A5739FEE5F42D389A6790AF75591DE3F4B00792DEC9B2F9736C9AA92", "91FD6D04ED1E07D418A657F1210391A3C11E4D7E7EF42869A4D979B60B621098", "928B26714FC24270FC86337E21BBA3EB76F0E528762596275CC586405FE80B05", "92D5F309D36E545930CDE46C5D5E562F5AA2FB4D716A92191A214ED61A68FB2B", "935BBE24737E52E53E9E3276AF57AD4035B2612D5C231971408DE1225A3AD2B0", "93F376A33DAF2CAA98CBF6E0EBE1D85CAFA8457254A8255841887F4BAE5738F6", "941BE6546248546895E985D918A392B54ED0C65B26F1D77CFD98B3C980077115", "94E13AF146BBB1F07C8C15D84D0BA56926DB7F008F4C7E0D14A9D403A19C14B8", "99B0D510DA64E0ED9DEF1BBC23744F97A1E9BC7736AC180AA9AB508DBFA55A4A", "9A88F4139EF1E18A65A8ADF6C7D03EDB323B77B07792FE8E32EAABA7D0EA7E35", "9BFD97D0B2FA510A1941EEFCA94B44E28E120135826959B420897ACFF641F28F", "9E53A4688A7303B0B9F4CB55AB10948257FC5A05A86EAEF25FEFEE9C24726842", "9E6FA1F3A9A1191971251B93D23C36DEAAB0788ADEF80DBC0987592BC5E6D5C3", "9E87F162964EFA269022E795C248C44A7E59EB5181730CB521B210549355D42D", "9F428960487537078BFBC44921299376F542D2CDA7A65290738349BDC14C12F8", "A06C985E81BB1BB1AA90DFD4F5BA6E0FFAF51669D2A5D4D6AE0FBF98103633F4", "A150C2E017839DE1F5CBC686332D12515358F881E715C75E1B2D5509C5D5362A", "A58C823EBA17BCA1EF2E03A022AD459615777F04304CD5155A2E49671A228600", "A68DFAAF23CD5A74809081B6CA6975B0FEDB431E36E31131D0ABF0CA07FC9DFE", "A6D9D4111807AA4EB0126419E70851CE3116CAE1D7000C36A1B26DAEBCF4424F", "A8027975CD04187C329072482069EDA4C120BA42B61748874AB53CA265CE950D", "A911AF5A1D427E3C73869552B626178ECA9D7A2C4D751BD35DCB395C648FFF83", "A9AB1978143F5EFD96539CC8EEDCDEAFE5ADC2636A91FD3B18CE75E08D1A2E03", "AAC5884285F652148280915B34EFB197A86E311F7A92CD8646BA70EB843ACCCD", "AB8332BB49251697A40C4A181070CC821286458CE2114BD526688971705EBC0B", "AC635EF4F12D3BE4C3820FEE2362C9F5BB72D64EC5E6CFD25188007F2563E051", "ACDFEAA7AF640374CE7D6BF67721314A280E868DB9395ED18AF53CF9F81EAE8C", "AD52780ADB1AA1A63A95666586BE3E3CBD0D8D672011DB568982D69F38937402", "AD8E660250C2C89BB2D58BF124515BD0BFFA5E94B9B8B65817709BA231BB81C4", "AE1071F674A8CA0407E65154FA17954DDDEFA42B2FE2855E6836D4B9A85A888D", "AE2001E70A6A1D08A7A052F29EBCC43DFABEDE2E451FC6D7A5C896659F9A82F9", "AE6D1B5FD790E4EB67811073CAA87734E8796D6A47CED4BA9A466C750931055B", "B0710CCD7EB89A5C49D6C1E3D822E60C1DA51A788060B7BC1A3E28F811AE5890", "B0917B9B05986D5C57AFA7D61D59DB3AC46BF8A66810DCCC331CD59E3A0CC975", "B192A38BFCB65C485CB834810BC072C9ED521B788476FAD8E67C2FE9EE26ACC2", "B1AD6C29F17298F54FC475D13E75ECE9C959847B3671FAFC44950BE9472AFF6D", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B37A47AB60EB868AF7572A314990C7838EB07FEF680EA4DC8563B86CBA77886A", "B38CC41D14408E3A9CA8CDF7A847F854B44445C246B3F7642F746F0F82E60651", "B38DBE38F17B5A514627DD6BBD5252176BA17D057FB3070D5C24522DD2CAEC6B", "B3DABFADD619975EF5130C57A6702A88549BFE1458F2E0C404399F146BF3FA02", "B569A853D72B998931834B4E507ABAC9BFD3A8D8EC956A6081EB37817B823603", "B5B313A73D0B335F18892EC4196F2ABB099764E6FF53E09B6A30800B58EACAB5", "B6C593CFA8F4C1195B7D65B41828D25967C1BADAD2B07C2F63837A7BFA7E189E", "B6EF3AFF0A92E5BC87865D7AD31607F760E360370C673726C765104E3F84E37D", "B73E2AC64919358B53CBFE9E0576F144ECF05CB1E42E5E59DCDDEF0BD5FEF485", "B8AFBDF45AEF0460886E5F93AC90DAE8F281918FBE5E510F9AEB0E2A09E65A0A", "B8C124EE4E419DE7F41A9CB0246E9FF21300C4C9A2734EF999830B9906B65133", "B97713A9D1C3353360B57D1AD1EC137AB7A100FBE009625EB3FD31558B3B3304", "BA84392D3F11FD2DE3FE0A8FC9E00B1D08953778839774F716912228DD61BCC2", "BBD0BB9278125E79B44348E7A6E2FDFBBE0FF4AC9E9184823B714AE94FCDD740", "BF02F346F8040935042888E37E57388C99CFE5C1481423006521CE138806F10B", "BFC19961F4B2A71B650F919D0D8075421D25957A36A4487C121AAA7C17E478AF", "C0F8A4FDB16B6060757282B298924E8005EF0D1B30BB3472B793362E6109A282", "C2AD37127CFA24DA344D83615E52C89120517C28EF1DD402E00B247939985287", "C3B24D9C073C7840B6F13827EE7743D35E733053B2442D8C8AD0A06EAEC3B9DA", "C3FB79ADA39B46791DCF93E4A2B6E50FE2792D0E382EF08036106CE4972770C2", "C43A1F0CEB81AA4A191772045A2F728E15F2A8C1DFBFE5BB6675B9F2472A9521", "C4CCB581E9554A8FC81404481350AD55F2B3AFAFAEDE521E7CBB6249AE97DBA8", "C5741045DC35D614C5F27457EA978674909AB0F02D0C1FDD00E51CB9F62CD1A7", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "C8BE73C4E7057D8E5549AED30F58BE7C02D764368946F222F073AD95FC7463AB", "C9ECB6A07E020B4F51B5A75CA641A4C9D5FF4604F410B4F4F79CC5B7C23A3A21", "CB650C098E7F975732842DF3BA263EE87E1FC1874100FCC105AB0C9D8AA03627", "CBDB352135F35E50D1EDF94C431A5A57B2DE17935CB3F0D6B7B9FF3C9FE7A3B7", "CCFECD3DB0FE27D3FFA94FA02DB02FA929F230E12AD62B226E45F86E49E553DA", "CD8418BB02EB6826E569D98384F70297E22D3E490B1DA1768CD8EEF2AA731E2A", "CE820FD4621D83AF3E51CFD93CBDEF291F0771A4EE878E6401156E6ED47270AB", "CEF21B0BD5863DB6FAC5707072AFD1C97DBCCF20094059E8152F69DD866F7218", "CF1F07DA2B20C770F95DF588BC3F6C960A553C9CE8063CC74407C77B7C6EE7BB", "CFD638A2D56FDAA7E2CFED7B4344FAF2210A433AC182F74EEAC48E18FACB8751", "CFF78161323725A8FD12DF13E41FC085C16BC5DB4DD0560B538661E5E827574B", "D022529FE320A8F43D11C49701F88EA64C97C42B2D7C123E2D786C4D8DE81CA2", "D12D4BA37401CEB11895561D471A9AE3CA7EAB842BCDE04258D6F9B744444396", "D27D7A3FAB54F4252945DE24C1BCEB0239D87CB0DB7641EF3375DE0B604D151D", "D28A33DD6F9F0616BF17BE9435C16BA5747AE3606D1B535CC4C8068BCF7BF4EB", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D4552FDC70931CD8B4AD1900AAFD91F4395F28D6E61914A873226147AFDAF729", "D4C1C0E6A5170ECC8C7B3DFFE304FF401A904E8D9E1A70A203081EBBCDBE568F", "D5A66CF2D7203294935E51CCC293D11C48AB2DEB03784B8468171D08CB2F79D3", "D5ADF098FB3E5614108F7FCF78AA40B198A5F906A4707F01E1486D71B56D5BB5", "D64BC5FE778E62F52FAF1A558C46AB9C63D2D06A74FDE22CC1A16BB67C6A0E8C", "D677F4DB1390FE714B817B24CE7D654078B51BA146F6C4537E43D85D3A2B0CC2", "D6A44428CCED7D4414F45995089E4B50263CC2289068653B4C25B2BD80252892", "D8364619CBEE24F5374C5900204720B8892538BCBAF940A1D49FD87DDBC8DCB2", "D86FE44D98DA7C28FEC89271CF14D0D0C5B622A5A310D188BADF3A8D121163C7", "DA78D22BE98AAE3FAE7595498C22303F728B4F1A787F6AA2950D1A2B51579024", "DA815A7C4A42ED491F84873B4248BBC6BF0CD175F8AA4219C89E764FB61FECD4", "DCC9649506788D084E3F04BBCEF6771A166E4FA63D4D9E7BB7918699340BFC39", "DD576034FC94E29158076BADB8AE6D09C8EFA857F3B53F052CBBFE9FFCF9F266", "DE6681F3E96F25F91AC2E2C017B6397791F3FF0C0012BA1B09E3DF70C14557D2", "DF31E141AA096CFAECC5AC37CD89F76F7CE6B99FF75F3440AC07B72623391F17", "E026D876441506065638E9669757F49A62954ECA499F837804AD1070CA5C7B19", "E19B380C2BF0F26DFDCBADD37C1B7D4A13ED463E7B4B4ECE7EEEC8895D5690CB", "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "E2B86254D720126A86E0D868B69F73304F67BBA828605033D214DA145B7078F4", "E46E249A2A7ED001BEF59F483830A2690EC2B94A16D5E8A1028E94B1AA23DA4C", "E4F2370C8456C3A24F1075094F0B4AA9B1C985266BEE2023C9CF82A01205F63E", "E6EE20198BD4C32711820E67FB3A052C1C4BCF0D11A5A4BBA683215A3FA5825E", "E718C72F3753D3991081A7D39539F43A8C97C8A42E3C0228988F94034FC70A1C", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "E7FB5735ADA60C1184A568F1F506520CF55F0E3A61B381ABCF4FF3C5090C8998", "E8B99C5821B9BFF7F322A8EC12A17AA67D967F20A2229116DE9EBD1CD1030BCD", "E92BF7B99962FB16CEF2791538750652168DC6B3E67B515B830DD2E9A7E83E17", "EC830A809C3DE3DB9FB5FC8B91AF7F5A42F1217E9E279C16808286246593B31D", "ED3133A0CA81E96794720CCDE610BF73EE2EECB2B0FFB9A5C514F344E863D936", "ED3F93879D9EA52ACA672D1FC614DA612590B9D39156C7569BA8BF51AA634A4F", "F15BA9EC0C1FC4624C7DDC90D046A7A3558B86CF13B121A8778B5BA8562491DC", "F2C60EF9E96AA9B7F20810A32ABE6C58279506718A61C2BD9D6A6DF787CD9EA7", "F46C78B5699EA9E6CF425FDE29A6DB46E4CEE4304FA86CE08CAC7ECAA140B7A9", "F5CDE8C22C4BBC6BB7CBF97A440438D883CD649212412738F8629A2D4E07BCFD", "F5CE39D21BD3B95C22FB843CCC4D9A5EFEAA008A99B43AAE226D2C64F1A01882", "F5D1BF73FF3841466F9B24DF507EF84C934C38D15F16FEA1A1A4AA761557EAC8", "F6697F7B335B13964F9055910F3DE232E816E18DF95389E89281CB35606768FB", "F7ECC1B5644BCD1080CC371173AB36D2F1D0839499F9CC28F1B54440D47879C3", "F86E22B7D4364B00DDE20B4FC7BF8FBECA6DFB9BBB025F902E24119D4762DB2F", "F8AD49D8A73BB530C15AF495227B6C3747AE0CF3ACDA4A23CB12ECAB9ECF5B62", "F9ED99C3F4B2D868A3826BA34135EFCC7EF1978329C535488F23E6CF98DA913D", "FA90064F3FABCD5CD6E50C627B3EEFFD46086A8E2B7D5B55053A4E47043DC8A7", "FB2F8C7049015C7BE545300CAD9047082B745E9D0F18A7F8CFAC5C9D1623676A", "FCEDD547799AE384A4D749F6F180AE8594D14E825F787E185F25A3AC75A35F08", "FEA72A089D1755DA76737B39FD3BC90F9FC3011626C35A4FAFB48AD0A4D10189", "FEB66BA79543C1A862673BEB6AE0912315C17E3AD0A3E6A1AEAC5194593B9FDD"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:4F187FDBA230373382F26BA12E00F8E7"]}, {"type": "kaspersky", "idList": ["KLA10070", "KLA10072", "KLA10630"]}, {"type": "mageia", "idList": ["MGASA-2014-0082", "MGASA-2014-0148", "MGASA-2014-0149", "MGASA-2014-0268", "MGASA-2015-0081", "MGASA-2016-0090", "MGASA-2016-0367", "MGASA-2016-0417", "MGASA-2017-0117", "MGASA-2023-0141"]}, {"type": "myhack58", "idList": ["MYHACK58:62201028404", "MYHACK58:62201562233", "MYHACK58:62201785372", "MYHACK58:62201785395"]}, {"type": "nessus", "idList": ["5786.PASL", "5788.PASL", "5789.PASL", "5882.PASL", "5996.PASL", "6018.PASL", "6332.PASL", "6623.PASL", "6624.PASL", "6657.PASL", "6832.PASL", "6833.PASL", "700057.PASL", "700668.PASL", "700699.PASL", "800595.PRM", "800597.PRM", "800602.PRM", "800606.PRM", "800607.PRM", "800609.PRM", "800612.PRM", "800613.PRM", "800617.PRM", "800783.PRM", "8141.PASL", "8830.PASL", "8831.PRM", "8832.PASL", "8934.PASL", "8935.PASL", "8936.PASL", "9315.PRM", "9316.PASL", "9721.PASL", "9906.PASL", "ALA_ALAS-2011-25.NASL", "ALA_ALAS-2014-344.NASL", "ALA_ALAS-2015-525.NASL", "ALA_ALAS-2015-526.NASL", "ALA_ALAS-2015-527.NASL", "ALA_ALAS-2016-656.NASL", "ALA_ALAS-2016-657.NASL", "ALA_ALAS-2016-658.NASL", "ALA_ALAS-2016-679.NASL", "ALA_ALAS-2016-680.NASL", "ALA_ALAS-2016-681.NASL", "ALA_ALAS-2016-764.NASL", "ALA_ALAS-2016-776.NASL", "ALA_ALAS-2016-777.NASL", "ALA_ALAS-2016-778.NASL", "ALA_ALAS-2017-810.NASL", "ALA_ALAS-2017-821.NASL", "ALA_ALAS-2017-822.NASL", "ALA_ALAS-2022-1562.NASL", "APACHE_LOG4J_1_X_MULTIPLE_VULNERABILITIES.NASL", "APACHE_LOG4J_2_13_2.NASL", "CENTOS_RHSA-2010-0580.NASL", "CENTOS_RHSA-2011-1780.NASL", "CENTOS_RHSA-2011-1845.NASL", "CENTOS_RHSA-2012-0474.NASL", "CENTOS_RHSA-2012-0475.NASL", "CENTOS_RHSA-2013-0623.NASL", "CENTOS_RHSA-2013-0640.NASL", "CENTOS_RHSA-2013-0869.NASL", "CENTOS_RHSA-2013-0964.NASL", "CENTOS_RHSA-2014-0429.NASL", "CENTOS_RHSA-2014-0865.NASL", "CENTOS_RHSA-2014-1034.NASL", "CENTOS_RHSA-2014-1038.NASL", "CENTOS_RHSA-2015-0983.NASL", "CENTOS_RHSA-2015-0991.NASL", "CENTOS_RHSA-2016-0492.NASL", "CENTOS_RHSA-2016-2045.NASL", "CENTOS_RHSA-2016-2046.NASL", "CENTOS_RHSA-2016-2599.NASL", "CENTOS_RHSA-2017-0527.NASL", "CENTOS_RHSA-2017-0935.NASL", "CENTOS_RHSA-2017-2247.NASL", "CENTOS_RHSA-2017-2423.NASL", "CENTOS_RHSA-2017-3080.NASL", "CENTOS_RHSA-2017-3081.NASL", "DEBIAN_DLA-2065.NASL", "DEBIAN_DLA-232.NASL", "DEBIAN_DLA-2852.NASL", "DEBIAN_DLA-435.NASL", "DEBIAN_DLA-728.NASL", "DEBIAN_DLA-729.NASL", "DEBIAN_DLA-753.NASL", "DEBIAN_DLA-779.NASL", "DEBIAN_DLA-924.NASL", "DEBIAN_DSA-2160.NASL", "DEBIAN_DSA-2207.NASL", "DEBIAN_DSA-2401.NASL", "DEBIAN_DSA-2725.NASL", "DEBIAN_DSA-2897.NASL", "DEBIAN_DSA-3428.NASL", "DEBIAN_DSA-3447.NASL", "DEBIAN_DSA-3530.NASL", "DEBIAN_DSA-3552.NASL", "DEBIAN_DSA-3609.NASL", "DEBIAN_DSA-3720.NASL", "DEBIAN_DSA-3721.NASL", "DEBIAN_DSA-3738.NASL", "DEBIAN_DSA-3739.NASL", "DEBIAN_DSA-3842.NASL", "DEBIAN_DSA-3843.NASL", "DEBIAN_DSA-4686.NASL", "DEBIAN_DSA-5020.NASL", "EULEROS_SA-2016-1049.NASL", "EULEROS_SA-2016-1054.NASL", "EULEROS_SA-2017-1081.NASL", "EULEROS_SA-2017-1082.NASL", "EULEROS_SA-2017-1191.NASL", "EULEROS_SA-2017-1192.NASL", "EULEROS_SA-2017-1213.NASL", "EULEROS_SA-2017-1214.NASL", "EULEROS_SA-2017-1261.NASL", "EULEROS_SA-2017-1262.NASL", "F5_BIGIP_SOL15426.NASL", "F5_BIGIP_SOL15428.NASL", "F5_BIGIP_SOL15429.NASL", "F5_BIGIP_SOL15432.NASL", "F5_BIGIP_SOL16344.NASL", "F5_BIGIP_SOL17123.NASL", "F5_BIGIP_SOL18174924.NASL", "F5_BIGIP_SOL30971148.NASL", "F5_BIGIP_SOL34341852.NASL", "F5_BIGIP_SOL50116122.NASL", "F5_BIGIP_SOL58084500.NASL", "FEDORA_2010-16248.NASL", "FEDORA_2010-16270.NASL", "FEDORA_2010-16528.NASL", "FEDORA_2011-13426.NASL", "FEDORA_2011-13456.NASL", "FEDORA_2011-13457.NASL", "FEDORA_2011-15005.NASL", "FEDORA_2012-20151.NASL", "FEDORA_2012-7593.NASL", "FEDORA_2014-11048.NASL", "FEDORA_2015-2109.NASL", "FEDORA_2016-38E5B05260.NASL", "FEDORA_2016-4094BD4AD6.NASL", "FEDORA_2016-98CCA07999.NASL", "FEDORA_2016-9C33466FBB.NASL", "FEDORA_2016-A98C560116.NASL", "FEDORA_2016-C1B01B9278.NASL", "FEDORA_2017-0E64C4C186.NASL", "FEDORA_2017-11EDC0D6C3.NASL", "FEDORA_2017-2CCFBD650A.NASL", "FEDORA_2017-511EBFA8A3.NASL", "FEDORA_2017-5261BA4605.NASL", "FEDORA_2017-7E0FF7F73A.NASL", "FEDORA_2017-8348115ACD.NASL", "FEDORA_2017-B8358CDA24.NASL", "FEDORA_2017-D5AA7C77D6.NASL", "FREEBSD_PKG_0B9AF110D52911E6AE1B002590263BF5.NASL", "FREEBSD_PKG_134ACAA251EF11E28E340022156E8794.NASL", "FREEBSD_PKG_152E4C7E2A2E11E299C700A0D181E71D.NASL", "FREEBSD_PKG_1F1124FEDE5C11E58FA814DAE9D210B8.NASL", "FREEBSD_PKG_25E0593D13C011E59AFB3C970E169BC2.NASL", "FREEBSD_PKG_3383E7064FC311DF83FB0015587E2CC1.NASL", "FREEBSD_PKG_3AE106E2D52111E6AE1B002590263BF5.NASL", "FREEBSD_PKG_4CA265742A2C11E299C700A0D181E71D.NASL", "FREEBSD_PKG_553EC4ED38D611E094B1000C29BA66D2.NASL", "FREEBSD_PKG_7F5CCB1D439B11E1BC160023AE8E59F0.NASL", "FREEBSD_PKG_81FC1076128611E4BEBD000C2980A9F3.NASL", "FREEBSD_PKG_953911FE51EF11E28E340022156E8794.NASL", "FREEBSD_PKG_F599DFC43EC211E28AE1001A8056D0B5.NASL", "GENTOO_GLSA-201206-24.NASL", "GENTOO_GLSA-201412-29.NASL", "GENTOO_GLSA-201705-09.NASL", "HP_SYSTEMS_INSIGHT_MANAGER_700_MULTIPLE_VULNS.NASL", "IBM_STORWIZE_1_5_0_2.NASL", "JUNIPER_NSM_2012_2_R5.NASL", "JUNIPER_SPACE_JSA_10838.NASL", "MACOSX_SECUPD2011-006.NASL", "MANDRIVA_MDVSA-2010-176.NASL", "MANDRIVA_MDVSA-2010-177.NASL", "MANDRIVA_MDVSA-2011-030.NASL", "MANDRIVA_MDVSA-2011-156.NASL", "MANDRIVA_MDVSA-2012-085.NASL", "MANDRIVA_MDVSA-2014-042.NASL", "MANDRIVA_MDVSA-2015-052.NASL", "MANDRIVA_MDVSA-2015-053.NASL", "MANDRIVA_MDVSA-2015-084.NASL", "MYSQL_ENTERPRISE_MONITOR_3_1_5_7958.NASL", "MYSQL_ENTERPRISE_MONITOR_3_2_2_1075.NASL", "MYSQL_ENTERPRISE_MONITOR_3_3_4_3247.NASL", "MYSQL_ENTERPRISE_MONITOR_3_4_8.NASL", "NEWSTART_CGSL_NS-SA-2019-0117_TOMCAT6.NASL", "NUTANIX_NXSA-AOS-5_20_3_5.NASL", "NUTANIX_NXSA-AOS-5_20_4.NASL", "NUTANIX_NXSA-AOS-6_0_2_6.NASL", "NUTANIX_NXSA-AOS-6_1_1.NASL", "OPENSUSE-2012-129.NASL", "OPENSUSE-2012-883.NASL", "OPENSUSE-2012-884.NASL", "OPENSUSE-2013-23.NASL", "OPENSUSE-2013-24.NASL", "OPENSUSE-2013-633.NASL", "OPENSUSE-2016-1455.NASL", "OPENSUSE-2016-1456.NASL", "OPENSUSE-2016-384.NASL", "OPENSUSE-2017-586.NASL", "OPENSUSE-2020-51.NASL", "OPENSUSE-2020-911.NASL", "ORACLELINUX_ELSA-2010-0580.NASL", "ORACLELINUX_ELSA-2011-0335.NASL", "ORACLELINUX_ELSA-2011-1780.NASL", "ORACLELINUX_ELSA-2011-1845.NASL", "ORACLELINUX_ELSA-2012-0474.NASL", "ORACLELINUX_ELSA-2012-0475.NASL", "ORACLELINUX_ELSA-2013-0623.NASL", "ORACLELINUX_ELSA-2013-0640.NASL", "ORACLELINUX_ELSA-2013-0869.NASL", "ORACLELINUX_ELSA-2013-0964.NASL", "ORACLELINUX_ELSA-2014-0429.NASL", "ORACLELINUX_ELSA-2014-0686.NASL", "ORACLELINUX_ELSA-2014-0827.NASL", "ORACLELINUX_ELSA-2014-0865.NASL", "ORACLELINUX_ELSA-2014-1034.NASL", "ORACLELINUX_ELSA-2014-1038.NASL", "ORACLELINUX_ELSA-2015-0983.NASL", "ORACLELINUX_ELSA-2015-0991.NASL", "ORACLELINUX_ELSA-2016-0492.NASL", "ORACLELINUX_ELSA-2016-2045.NASL", "ORACLELINUX_ELSA-2016-2046.NASL", "ORACLELINUX_ELSA-2016-2599.NASL", "ORACLELINUX_ELSA-2017-0527.NASL", "ORACLELINUX_ELSA-2017-0935.NASL", "ORACLELINUX_ELSA-2017-2247.NASL", "ORACLELINUX_ELSA-2017-2423.NASL", "ORACLELINUX_ELSA-2017-3080.NASL", "ORACLELINUX_ELSA-2017-3081.NASL", "ORACLELINUX_ELSA-2022-9419.NASL", "ORACLE_BI_PUBLISHER_OCT_2018_CPU.NASL", "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "ORACLE_EDQ_OCT_2014_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2018_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JUL_2020_CPU_UI.NASL", "ORACLE_GOLDENGATE_FOR_BIG_DATA_CPU_JAN_2019.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2018.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_OCT_2018.NASL", "ORACLE_OATS_CPU_JUL_2018.NASL", "ORACLE_OATS_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_OCT_2020.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_APR_2017_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2014_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2018_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2014_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2015_CPU.NASL", "ORACLE_WEBCENTER_SITES_APR_2017_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2018.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2020.NASL", "REDHAT-RHSA-2010-0580.NASL", "REDHAT-RHSA-2010-0584.NASL", "REDHAT-RHSA-2011-0335.NASL", "REDHAT-RHSA-2011-0791.NASL", "REDHAT-RHSA-2011-1780.NASL", "REDHAT-RHSA-2011-1845.NASL", "REDHAT-RHSA-2012-0074.NASL", "REDHAT-RHSA-2012-0474.NASL", "REDHAT-RHSA-2012-0475.NASL", "REDHAT-RHSA-2012-0680.NASL", "REDHAT-RHSA-2012-0682.NASL", "REDHAT-RHSA-2013-0005.NASL", "REDHAT-RHSA-2013-0147.NASL", "REDHAT-RHSA-2013-0158.NASL", "REDHAT-RHSA-2013-0164.NASL", "REDHAT-RHSA-2013-0191.NASL", "REDHAT-RHSA-2013-0192.NASL", "REDHAT-RHSA-2013-0193.NASL", "REDHAT-RHSA-2013-0195.NASL", "REDHAT-RHSA-2013-0196.NASL", "REDHAT-RHSA-2013-0197.NASL", "REDHAT-RHSA-2013-0266.NASL", "REDHAT-RHSA-2013-0268.NASL", "REDHAT-RHSA-2013-0623.NASL", "REDHAT-RHSA-2013-0629.NASL", "REDHAT-RHSA-2013-0640.NASL", "REDHAT-RHSA-2013-0641.NASL", "REDHAT-RHSA-2013-0647.NASL", "REDHAT-RHSA-2013-0833.NASL", "REDHAT-RHSA-2013-0834.NASL", "REDHAT-RHSA-2013-0839.NASL", "REDHAT-RHSA-2013-0869.NASL", "REDHAT-RHSA-2013-0964.NASL", "REDHAT-RHSA-2013-1011.NASL", "REDHAT-RHSA-2013-1012.NASL", "REDHAT-RHSA-2013-1193.NASL", "REDHAT-RHSA-2013-1437.NASL", "REDHAT-RHSA-2014-0343.NASL", "REDHAT-RHSA-2014-0344.NASL", "REDHAT-RHSA-2014-0429.NASL", "REDHAT-RHSA-2014-0525.NASL", "REDHAT-RHSA-2014-0526.NASL", "REDHAT-RHSA-2014-0686.NASL", "REDHAT-RHSA-2014-0827.NASL", "REDHAT-RHSA-2014-0834.NASL", "REDHAT-RHSA-2014-0835.NASL", "REDHAT-RHSA-2014-0843.NASL", "REDHAT-RHSA-2014-0865.NASL", "REDHAT-RHSA-2014-1034.NASL", "REDHAT-RHSA-2014-1038.NASL", "REDHAT-RHSA-2014-1087.NASL", "REDHAT-RHSA-2014-1088.NASL", "REDHAT-RHSA-2015-0983.NASL", "REDHAT-RHSA-2015-0991.NASL", "REDHAT-RHSA-2015-1622.NASL", "REDHAT-RHSA-2015-2659.NASL", "REDHAT-RHSA-2015-2660.NASL", "REDHAT-RHSA-2016-0492.NASL", "REDHAT-RHSA-2016-0595.NASL", "REDHAT-RHSA-2016-0596.NASL", "REDHAT-RHSA-2016-0597.NASL", "REDHAT-RHSA-2016-0598.NASL", "REDHAT-RHSA-2016-1087.NASL", "REDHAT-RHSA-2016-1088.NASL", "REDHAT-RHSA-2016-1432.NASL", "REDHAT-RHSA-2016-1433.NASL", "REDHAT-RHSA-2016-1434.NASL", "REDHAT-RHSA-2016-2045.NASL", "REDHAT-RHSA-2016-2046.NASL", "REDHAT-RHSA-2016-2599.NASL", "REDHAT-RHSA-2016-2807.NASL", "REDHAT-RHSA-2017-0244.NASL", "REDHAT-RHSA-2017-0245.NASL", "REDHAT-RHSA-2017-0246.NASL", "REDHAT-RHSA-2017-0250.NASL", "REDHAT-RHSA-2017-0455.NASL", "REDHAT-RHSA-2017-0456.NASL", "REDHAT-RHSA-2017-0527.NASL", "REDHAT-RHSA-2017-0935.NASL", "REDHAT-RHSA-2017-1548.NASL", "REDHAT-RHSA-2017-1549.NASL", "REDHAT-RHSA-2017-1550.NASL", "REDHAT-RHSA-2017-1552.NASL", "REDHAT-RHSA-2017-1801.NASL", "REDHAT-RHSA-2017-2247.NASL", "REDHAT-RHSA-2017-2423.NASL", "REDHAT-RHSA-2017-2493.NASL", "REDHAT-RHSA-2017-2635.NASL", "REDHAT-RHSA-2017-2636.NASL", "REDHAT-RHSA-2017-2637.NASL", "REDHAT-RHSA-2017-2638.NASL", "REDHAT-RHSA-2017-2808.NASL", "REDHAT-RHSA-2017-2809.NASL", "REDHAT-RHSA-2017-2811.NASL", "REDHAT-RHSA-2017-3080.NASL", "REDHAT-RHSA-2017-3081.NASL", "REDHAT-RHSA-2017-3399.NASL", "REDHAT-RHSA-2020-3817.NASL", "REDHAT-RHSA-2022-5053.NASL", "SL_20100802_TOMCAT5_ON_SL5_X.NASL", "SL_20110309_TOMCAT6_ON_SL6_X.NASL", "SL_20110519_TOMCAT6_ON_SL6_X.NASL", "SL_20111205_TOMCAT6_ON_SL6.NASL", "SL_20111220_TOMCAT5_ON_SL5_X.NASL", "SL_20120411_TOMCAT5_ON_SL5_X.NASL", "SL_20120411_TOMCAT6_ON_SL6.NASL", "SL_20130311_TOMCAT6_ON_SL6_X.NASL", "SL_20130312_TOMCAT5_ON_SL5_X.NASL", "SL_20130528_TOMCAT6_ON_SL6_X.NASL", "SL_20130620_TOMCAT6_ON_SL6_X.NASL", "SL_20140423_TOMCAT6_ON_SL6_X.NASL", "SL_20140709_TOMCAT6_ON_SL6_X.NASL", "SL_20140811_TOMCAT6_ON_SL6_X.NASL", "SL_20150512_TOMCAT6_ON_SL6_X.NASL", "SL_20150512_TOMCAT_ON_SL7_X.NASL", "SL_20160323_TOMCAT6_ON_SL6_X.NASL", "SL_20161010_TOMCAT6_ON_SL6_X.NASL", "SL_20161010_TOMCAT_ON_SL7_X.NASL", "SL_20161103_TOMCAT_ON_SL7_X.NASL", "SL_20170315_TOMCAT6_ON_SL6_X.NASL", "SL_20170412_TOMCAT_ON_SL7_X.NASL", "SL_20170802_TOMCAT_ON_SL7_X.NASL", "SL_20170807_LOG4J_ON_SL7_X.NASL", "SL_20171030_TOMCAT6_ON_SL6_X.NASL", "SL_20171030_TOMCAT_ON_SL7_X.NASL", "SOLARIS11_TOMCAT_20120405.NASL", "SOLARIS11_TOMCAT_20140401.NASL", "SOLARIS11_TOMCAT_20140401_2.NASL", "SOLARIS11_TOMCAT_20140522.NASL", "SOLARIS11_TOMCAT_20140715.NASL", "SUN_JAVA_WEB_SERVER_7_0_27.NASL", "SUSE9_12625.NASL", "SUSE9_12687.NASL", "SUSE_11_1_TOMCAT6-100719.NASL", "SUSE_11_2_TOMCAT6-100719.NASL", "SUSE_11_2_TOMCAT6-110118.NASL", "SUSE_11_2_TOMCAT6-110202.NASL", "SUSE_11_2_TOMCAT6-110211.NASL", "SUSE_11_3_TOMCAT6-100719.NASL", "SUSE_11_3_TOMCAT6-110118.NASL", "SUSE_11_3_TOMCAT6-110211.NASL", "SUSE_11_3_TOMCAT6-110815.NASL", "SUSE_11_3_TOMCAT6-110916.NASL", "SUSE_11_3_TOMCAT6-120109.NASL", "SUSE_11_4_TOMCAT6-110815.NASL", "SUSE_11_4_TOMCAT6-110916.NASL", "SUSE_11_4_TOMCAT6-120109.NASL", "SUSE_11_4_TOMCAT6-120207.NASL", "SUSE_11_TOMCAT6-120206.NASL", "SUSE_11_TOMCAT6-130107.NASL", "SUSE_11_TOMCAT6-130802.NASL", "SUSE_11_TOMCAT6-201407-140706.NASL", "SUSE_SU-2020-14267-1.NASL", "SUSE_TOMCAT5-7099.NASL", "SUSE_TOMCAT5-7337.NASL", "SUSE_TOMCAT5-7688.NASL", "SUSE_TOMCAT5-7689.NASL", "SUSE_TOMCAT5-7755.NASL", "SUSE_TOMCAT5-7756.NASL", "SUSE_TOMCAT5-7933.NASL", "SUSE_TOMCAT5-8397.NASL", "SYMANTEC_CONTENT_ANALYSIS_SYMSA1419.NASL", "TOMCAT_5_5_32.NASL", "TOMCAT_5_5_34.NASL", "TOMCAT_5_5_35.NASL", "TOMCAT_5_5_36.NASL", "TOMCAT_6_0_24.NASL", "TOMCAT_6_0_28.NASL", "TOMCAT_6_0_30.NASL", "TOMCAT_6_0_33.NASL", "TOMCAT_6_0_35.NASL", "TOMCAT_6_0_36.NASL", "TOMCAT_6_0_37.NASL", "TOMCAT_6_0_39.NASL", "TOMCAT_6_0_41.NASL", "TOMCAT_6_0_42.NASL", "TOMCAT_6_0_44.NASL", "TOMCAT_6_0_45.NASL", "TOMCAT_7_0_12.NASL", "TOMCAT_7_0_19.NASL", "TOMCAT_7_0_2.NASL", "TOMCAT_7_0_21.NASL", "TOMCAT_7_0_23.NASL", "TOMCAT_7_0_28.NASL", "TOMCAT_7_0_30.NASL", "TOMCAT_7_0_32.NASL", "TOMCAT_7_0_33.NASL", "TOMCAT_7_0_4.NASL", "TOMCAT_7_0_40.NASL", "TOMCAT_7_0_47.NASL", "TOMCAT_7_0_5.NASL", "TOMCAT_7_0_50.NASL", "TOMCAT_7_0_53.NASL", "TOMCAT_7_0_54.NASL", "TOMCAT_7_0_55.NASL", "TOMCAT_7_0_59.NASL", "TOMCAT_7_0_6.NASL", "TOMCAT_7_0_65.NASL", "TOMCAT_7_0_68.NASL", "TOMCAT_7_0_8.NASL", "TOMCAT_8_0_0_RC10.NASL", "TOMCAT_8_0_17.NASL", "TOMCAT_8_0_30.NASL", "TOMCAT_8_0_32.NASL", "TOMCAT_8_0_43.NASL", "TOMCAT_8_0_5.NASL", "TOMCAT_8_0_8.NASL", "TOMCAT_8_0_9.NASL", "TOMCAT_8_5_13.NASL", "TOMCAT_8_5_5.NASL", "TOMCAT_8_5_8.NASL", "TOMCAT_9_0_0_M3.NASL", "TOMCAT_TRANSFER_ENCODING.NASL", "UBUNTU_USN-1048-1.NASL", "UBUNTU_USN-1097-1.NASL", "UBUNTU_USN-1252-1.NASL", "UBUNTU_USN-1359-1.NASL", "UBUNTU_USN-1637-1.NASL", "UBUNTU_USN-1685-1.NASL", "UBUNTU_USN-1841-1.NASL", "UBUNTU_USN-2130-1.NASL", "UBUNTU_USN-2302-1.NASL", "UBUNTU_USN-2654-1.NASL", "UBUNTU_USN-2655-1.NASL", "UBUNTU_USN-3024-1.NASL", "UBUNTU_USN-3177-1.NASL", "UBUNTU_USN-3177-2.NASL", "UBUNTU_USN-3519-1.NASL", "UBUNTU_USN-4495-1.NASL", "UBUNTU_USN-4557-1.NASL", "UBUNTU_USN-5998-1.NASL", "UBUNTU_USN-976-1.NASL", "VIRTUOZZO_VZLSA-2017-0527.NASL", "VIRTUOZZO_VZLSA-2017-0935.NASL", "VIRTUOZZO_VZLSA-2017-3080.NASL", "VMWARE_VCENTER_VMSA-2012-0005.NASL", "VMWARE_VCENTER_VMSA-2013-0006.NASL", "VMWARE_VCENTER_VMSA-2014-0008.NASL", "VMWARE_VMSA-2011-0003.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "VMWARE_VMSA-2012-0005.NASL", "VMWARE_VMSA-2012-0005_REMOTE.NASL", "VMWARE_VMSA-2014-0008.NASL", "WEBSPHERE_729557.NASL", "WEB_APPLICATION_SCANNING_112304"]}, {"type": "openvas", "idList": ["OPENVAS:103454", "OPENVAS:103457", "OPENVAS:103873", "OPENVAS:1361412562310100598", "OPENVAS:1361412562310100712", "OPENVAS:1361412562310103032", "OPENVAS:1361412562310103242", "OPENVAS:1361412562310103248", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310103457", "OPENVAS:1361412562310103873", "OPENVAS:1361412562310105086", "OPENVAS:1361412562310105087", "OPENVAS:1361412562310105088", "OPENVAS:1361412562310120055", "OPENVAS:1361412562310120057", "OPENVAS:1361412562310120058", "OPENVAS:1361412562310120400", "OPENVAS:1361412562310120469", "OPENVAS:1361412562310120646", "OPENVAS:1361412562310120647", "OPENVAS:1361412562310120648", "OPENVAS:1361412562310120669", "OPENVAS:1361412562310120670", "OPENVAS:1361412562310120671", "OPENVAS:1361412562310121315", "OPENVAS:1361412562310122020", "OPENVAS:1361412562310122047", "OPENVAS:1361412562310122163", "OPENVAS:1361412562310122224", "OPENVAS:1361412562310122335", "OPENVAS:1361412562310122909", "OPENVAS:1361412562310123119", "OPENVAS:1361412562310123120", "OPENVAS:1361412562310123334", "OPENVAS:1361412562310123338", "OPENVAS:1361412562310123361", "OPENVAS:1361412562310123374", "OPENVAS:1361412562310123384", "OPENVAS:1361412562310123422", "OPENVAS:1361412562310123606", "OPENVAS:1361412562310123663", "OPENVAS:1361412562310123666", "OPENVAS:1361412562310123938", "OPENVAS:1361412562310123939", "OPENVAS:1361412562310131247", "OPENVAS:136141256231067355", "OPENVAS:136141256231068942", "OPENVAS:136141256231068994", "OPENVAS:136141256231069417", "OPENVAS:1361412562310702897", "OPENVAS:1361412562310703428", "OPENVAS:1361412562310703447", "OPENVAS:1361412562310703530", "OPENVAS:1361412562310703552", "OPENVAS:1361412562310703609", "OPENVAS:1361412562310703720", "OPENVAS:1361412562310703721", "OPENVAS:1361412562310703738", "OPENVAS:1361412562310703739", "OPENVAS:1361412562310703842", "OPENVAS:1361412562310703843", "OPENVAS:1361412562310704686", "OPENVAS:136141256231070718", "OPENVAS:136141256231070752", "OPENVAS:136141256231071550", "OPENVAS:136141256231072606", "OPENVAS:136141256231072607", "OPENVAS:1361412562310802336", "OPENVAS:1361412562310802378", "OPENVAS:1361412562310802384", "OPENVAS:1361412562310802415", "OPENVAS:1361412562310802678", "OPENVAS:1361412562310802679", "OPENVAS:1361412562310803636", "OPENVAS:1361412562310803637", "OPENVAS:1361412562310803781", "OPENVAS:1361412562310803782", "OPENVAS:1361412562310804519", "OPENVAS:1361412562310804520", "OPENVAS:1361412562310804855", "OPENVAS:1361412562310805018", "OPENVAS:1361412562310805019", "OPENVAS:1361412562310805474", "OPENVAS:1361412562310805701", "OPENVAS:1361412562310805702", "OPENVAS:1361412562310805703", "OPENVAS:1361412562310805704", "OPENVAS:1361412562310807404", "OPENVAS:1361412562310807407", "OPENVAS:1361412562310807408", "OPENVAS:1361412562310807411", "OPENVAS:1361412562310807412", "OPENVAS:1361412562310807415", "OPENVAS:1361412562310810182", "OPENVAS:1361412562310810184", "OPENVAS:1361412562310810717", "OPENVAS:1361412562310810718", "OPENVAS:1361412562310810730", "OPENVAS:1361412562310810762", "OPENVAS:1361412562310810763", "OPENVAS:1361412562310811298", "OPENVAS:1361412562310811703", "OPENVAS:1361412562310812057", "OPENVAS:1361412562310812058", "OPENVAS:1361412562310814409", "OPENVAS:1361412562310831148", "OPENVAS:1361412562310831151", "OPENVAS:1361412562310831333", "OPENVAS:1361412562310831472", "OPENVAS:1361412562310831618", "OPENVAS:1361412562310835243", "OPENVAS:1361412562310835253", "OPENVAS:1361412562310840485", "OPENVAS:1361412562310840574", "OPENVAS:1361412562310840622", "OPENVAS:1361412562310840803", "OPENVAS:1361412562310840899", "OPENVAS:1361412562310841222", "OPENVAS:1361412562310841274", "OPENVAS:1361412562310841442", "OPENVAS:1361412562310841741", "OPENVAS:1361412562310841921", "OPENVAS:1361412562310842260", "OPENVAS:1361412562310842262", "OPENVAS:1361412562310842823", "OPENVAS:1361412562310843024", "OPENVAS:1361412562310843035", "OPENVAS:1361412562310843407", "OPENVAS:1361412562310850210", "OPENVAS:1361412562310851245", "OPENVAS:1361412562310851257", "OPENVAS:1361412562310851455", "OPENVAS:1361412562310851503", "OPENVAS:1361412562310851553", "OPENVAS:1361412562310852991", "OPENVAS:1361412562310853247", "OPENVAS:1361412562310862500", "OPENVAS:1361412562310862502", "OPENVAS:1361412562310862627", "OPENVAS:1361412562310863592", "OPENVAS:1361412562310863594", "OPENVAS:1361412562310863609", "OPENVAS:1361412562310864057", "OPENVAS:1361412562310864616", "OPENVAS:1361412562310864957", "OPENVAS:1361412562310868212", "OPENVAS:1361412562310869037", "OPENVAS:1361412562310870302", "OPENVAS:1361412562310870525", "OPENVAS:1361412562310870585", "OPENVAS:1361412562310870626", "OPENVAS:1361412562310870651", "OPENVAS:1361412562310870714", "OPENVAS:1361412562310870739", "OPENVAS:1361412562310870958", "OPENVAS:1361412562310870965", "OPENVAS:1361412562310871000", "OPENVAS:1361412562310871011", "OPENVAS:1361412562310871159", "OPENVAS:1361412562310871181", "OPENVAS:1361412562310871196", "OPENVAS:1361412562310871200", "OPENVAS:1361412562310871223", "OPENVAS:1361412562310871225", "OPENVAS:1361412562310871367", "OPENVAS:1361412562310871368", "OPENVAS:1361412562310871581", "OPENVAS:1361412562310871669", "OPENVAS:1361412562310871670", "OPENVAS:1361412562310871701", "OPENVAS:1361412562310871773", "OPENVAS:1361412562310871795", "OPENVAS:1361412562310871857", "OPENVAS:1361412562310871877", "OPENVAS:1361412562310871971", "OPENVAS:1361412562310872149", "OPENVAS:1361412562310872150", "OPENVAS:1361412562310872157", "OPENVAS:1361412562310872623", "OPENVAS:1361412562310872624", "OPENVAS:1361412562310872637", "OPENVAS:1361412562310872638", "OPENVAS:1361412562310872757", "OPENVAS:1361412562310872759", "OPENVAS:1361412562310880632", "OPENVAS:1361412562310881059", "OPENVAS:1361412562310881065", "OPENVAS:1361412562310881140", "OPENVAS:1361412562310881269", "OPENVAS:1361412562310881445", "OPENVAS:1361412562310881687", "OPENVAS:1361412562310881689", "OPENVAS:1361412562310881741", "OPENVAS:1361412562310881750", "OPENVAS:1361412562310881927", "OPENVAS:1361412562310881960", "OPENVAS:1361412562310881986", "OPENVAS:1361412562310882020", "OPENVAS:1361412562310882179", "OPENVAS:1361412562310882188", "OPENVAS:1361412562310882434", "OPENVAS:1361412562310882575", "OPENVAS:1361412562310882576", "OPENVAS:1361412562310882682", "OPENVAS:1361412562310882690", "OPENVAS:1361412562310882795", "OPENVAS:1361412562310882796", "OPENVAS:1361412562310890924", "OPENVAS:1361412562310892065", "OPENVAS:1361412562310892725", "OPENVAS:1361412562310901114", "OPENVAS:1361412562311220161049", "OPENVAS:1361412562311220161054", "OPENVAS:1361412562311220171081", "OPENVAS:1361412562311220171082", "OPENVAS:1361412562311220171191", "OPENVAS:1361412562311220171192", "OPENVAS:1361412562311220171213", "OPENVAS:1361412562311220171214", "OPENVAS:1361412562311220171261", "OPENVAS:1361412562311220171262", "OPENVAS:67355", "OPENVAS:68942", "OPENVAS:68994", "OPENVAS:69417", "OPENVAS:702897", "OPENVAS:703428", "OPENVAS:703447", "OPENVAS:703530", "OPENVAS:703552", "OPENVAS:703609", "OPENVAS:703720", "OPENVAS:703721", "OPENVAS:703738", "OPENVAS:703739", "OPENVAS:703842", "OPENVAS:703843", "OPENVAS:70718", "OPENVAS:70752", "OPENVAS:71550", "OPENVAS:72607", "OPENVAS:802336", "OPENVAS:831148", "OPENVAS:831151", "OPENVAS:831333", "OPENVAS:831472", "OPENVAS:831618", "OPENVAS:835243", "OPENVAS:835253", "OPENVAS:840485", "OPENVAS:840574", "OPENVAS:840622", "OPENVAS:840803", "OPENVAS:840899", "OPENVAS:841222", "OPENVAS:841274", "OPENVAS:841442", "OPENVAS:841741", "OPENVAS:850210", "OPENVAS:862500", "OPENVAS:862502", "OPENVAS:862627", "OPENVAS:863592", "OPENVAS:863594", "OPENVAS:863609", "OPENVAS:864057", "OPENVAS:864616", "OPENVAS:864957", "OPENVAS:870302", "OPENVAS:870525", "OPENVAS:870585", "OPENVAS:870626", "OPENVAS:870651", "OPENVAS:870714", "OPENVAS:870739", "OPENVAS:870958", "OPENVAS:870965", "OPENVAS:871000", "OPENVAS:871011", "OPENVAS:871159", "OPENVAS:880632", "OPENVAS:881059", "OPENVAS:881065", "OPENVAS:881140", "OPENVAS:881269", "OPENVAS:881445", "OPENVAS:881687", "OPENVAS:881689", "OPENVAS:881741", "OPENVAS:881750", "OPENVAS:881927", "OPENVAS:892725"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2015", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2018", "ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2013-1515902", "ORACLE:CPUJAN2014-1972949", "ORACLE:CPUJAN2015", "ORACLE:CPUJAN2017", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2023", "ORACLE:CPUJUL2014-1972956", "ORACLE:CPUJUL2015", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2014-1972960", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0580", "ELSA-2011-0335", "ELSA-2011-0791", "ELSA-2011-1780", "ELSA-2011-1845", "ELSA-2012-0474", "ELSA-2012-0475", "ELSA-2013-0623", "ELSA-2013-0640", "ELSA-2013-0964", "ELSA-2014-0429", "ELSA-2014-0686", "ELSA-2014-0827", "ELSA-2014-0865", "ELSA-2014-1034", "ELSA-2014-1038", "ELSA-2015-0983", "ELSA-2015-0991", "ELSA-2016-0492", "ELSA-2016-2045", "ELSA-2016-2046", "ELSA-2016-2599", "ELSA-2017-0527", "ELSA-2017-0935", "ELSA-2017-1809", "ELSA-2017-2247", "ELSA-2017-2423", "ELSA-2017-3080", "ELSA-2017-3081", "ELSA-2022-9419"]}, {"type": "osv", "idList": ["OSV:DLA-2065-1", "OSV:DLA-232-1", "OSV:DLA-2852-1", "OSV:DLA-435-1", "OSV:DLA-728-1", "OSV:DLA-729-1", "OSV:DLA-746-1", "OSV:DLA-746-2", "OSV:DLA-753-1", "OSV:DLA-779-1", "OSV:DLA-91-1", "OSV:DLA-91-2", "OSV:DLA-924-1", "OSV:DLA-924-2", "OSV:DSA-2160-1", "OSV:DSA-2207-1", "OSV:DSA-2401-1", "OSV:DSA-2725-1", "OSV:DSA-2897-1", "OSV:DSA-3428-1", "OSV:DSA-3447-1", "OSV:DSA-3530-1", "OSV:DSA-3552-1", "OSV:DSA-3609-1", "OSV:DSA-3720-1", "OSV:DSA-3721-1", "OSV:DSA-3738-1", "OSV:DSA-3739-1", "OSV:DSA-3842-1", "OSV:DSA-3843-1", "OSV:DSA-4686-1", "OSV:DSA-5020-1", "OSV:GHSA-28CQ-6RMX-PJQ4", "OSV:GHSA-2QRG-X229-3V8Q", "OSV:GHSA-2RVF-329F-P99G", "OSV:GHSA-3GV7-3H64-78CM", "OSV:GHSA-3P86-XGRQ-M6P6", "OSV:GHSA-42J3-498Q-M6VP", "OSV:GHSA-475F-74WP-PQV5", "OSV:GHSA-4C43-CWVX-9CRH", "OSV:GHSA-4F7H-9J2X-CMR4", "OSV:GHSA-4V3G-G84W-HV7R", "OSV:GHSA-6CR4-7C7P-P3XV", "OSV:GHSA-6M48-JXWX-76Q7", "OSV:GHSA-6QR6-X7JM-X2Q6", "OSV:GHSA-6VX3-HR43-CFRH", "OSV:GHSA-76VR-72MV-MF3Q", "OSV:GHSA-87W9-X2C3-HRJJ", "OSV:GHSA-8H2Q-QM9X-55JC", "OSV:GHSA-99RF-92V6-CWX4", "OSV:GHSA-9GGM-7897-X4MG", "OSV:GHSA-9XRJ-439H-62HG", "OSV:GHSA-C78G-QWPW-2JGV", "OSV:GHSA-FXPH-Q3J8-MV87", "OSV:GHSA-GC58-V8H3-X2GR", "OSV:GHSA-HFFM-FQV4-W27R", "OSV:GHSA-JC7P-5R39-9477", "OSV:GHSA-JGM2-M5CG-F66G", "OSV:GHSA-MV42-PX54-87JW", "OSV:GHSA-PRC3-7F44-W48J", "OSV:GHSA-PXCX-CXQ8-4MMW", "OSV:GHSA-Q9XF-JWR4-V445", "OSV:GHSA-QPRX-Q2R7-3RX6", "OSV:GHSA-RH8Q-VJGF-GF74", "OSV:GHSA-V6C7-8QX5-8GMP", "OSV:GHSA-VWQQ-5VRC-XW9H", "OSV:GHSA-W6Q7-WW2X-7GM3", "OSV:GHSA-WR3M-GW98-MC3J", "OSV:GHSA-WXCP-F2C8-X6XV", "OSV:GHSA-XH5X-J8JF-PCPX"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:141920", "PACKETSTORM:155873", "PACKETSTORM:98176"]}, {"type": "redhat", "idList": ["RHSA-2010:0580", "RHSA-2010:0581", "RHSA-2010:0582", "RHSA-2010:0583", "RHSA-2010:0584", "RHSA-2011:0335", "RHSA-2011:0348", "RHSA-2011:0791", "RHSA-2011:0897", "RHSA-2011:1780", "RHSA-2011:1845", "RHSA-2012:0041", "RHSA-2012:0074", "RHSA-2012:0075", "RHSA-2012:0076", "RHSA-2012:0474", "RHSA-2012:0475", "RHSA-2012:0679", "RHSA-2012:0680", "RHSA-2012:0681", "RHSA-2012:0682", "RHSA-2012:1331", "RHSA-2013:0004", "RHSA-2013:0005", "RHSA-2013:0146", "RHSA-2013:0147", "RHSA-2013:0151", "RHSA-2013:0157", "RHSA-2013:0158", "RHSA-2013:0162", "RHSA-2013:0163", "RHSA-2013:0164", "RHSA-2013:0191", "RHSA-2013:0192", "RHSA-2013:0194", "RHSA-2013:0195", "RHSA-2013:0196", "RHSA-2013:0198", "RHSA-2013:0221", "RHSA-2013:0235", "RHSA-2013:0265", "RHSA-2013:0266", "RHSA-2013:0267", "RHSA-2013:0268", "RHSA-2013:0623", "RHSA-2013:0629", "RHSA-2013:0631", "RHSA-2013:0632", "RHSA-2013:0640", "RHSA-2013:0641", "RHSA-2013:0642", "RHSA-2013:0647", "RHSA-2013:0648", "RHSA-2013:0726", "RHSA-2013:0833", "RHSA-2013:0834", "RHSA-2013:0839", "RHSA-2013:0869", "RHSA-2013:0964", "RHSA-2013:1006", "RHSA-2013:1011", "RHSA-2013:1012", "RHSA-2013:1193", "RHSA-2013:1194", "RHSA-2013:1853", "RHSA-2014:0343", "RHSA-2014:0344", "RHSA-2014:0345", "RHSA-2014:0374", "RHSA-2014:0429", "RHSA-2014:0458", "RHSA-2014:0459", "RHSA-2014:0511", "RHSA-2014:0525", "RHSA-2014:0526", "RHSA-2014:0527", "RHSA-2014:0528", "RHSA-2014:0686", "RHSA-2014:0827", "RHSA-2014:0833", "RHSA-2014:0834", "RHSA-2014:0835", "RHSA-2014:0836", "RHSA-2014:0842", "RHSA-2014:0843", "RHSA-2014:0865", "RHSA-2014:0895", "RHSA-2014:1034", "RHSA-2014:1038", "RHSA-2014:1087", "RHSA-2014:1088", "RHSA-2014:1149", "RHSA-2014:1904", "RHSA-2015:0091", "RHSA-2015:0234", "RHSA-2015:0235", "RHSA-2015:0675", "RHSA-2015:0720", "RHSA-2015:0765", "RHSA-2015:0983", "RHSA-2015:0991", "RHSA-2015:1009", "RHSA-2015:1622", "RHSA-2015:2659", "RHSA-2015:2660", "RHSA-2016:0492", "RHSA-2016:0595", "RHSA-2016:0596", "RHSA-2016:0597", "RHSA-2016:0598", "RHSA-2016:1087", "RHSA-2016:1088", "RHSA-2016:1432", "RHSA-2016:1433", "RHSA-2016:1434", "RHSA-2016:1435", "RHSA-2016:2045", "RHSA-2016:2046", "RHSA-2016:22545", "RHSA-2016:2599", "RHSA-2016:2807", "RHSA-2016:2808", "RHSA-2017:0244", "RHSA-2017:0245", "RHSA-2017:0246", "RHSA-2017:0247", "RHSA-2017:0250", "RHSA-2017:0455", "RHSA-2017:0456", "RHSA-2017:0457", "RHSA-2017:0527", "RHSA-2017:0935", "RHSA-2017:1417", "RHSA-2017:1548", "RHSA-2017:1549", "RHSA-2017:1550", "RHSA-2017:1551", "RHSA-2017:1552", "RHSA-2017:1801", "RHSA-2017:1802", "RHSA-2017:2247", "RHSA-2017:2423", "RHSA-2017:2493", "RHSA-2017:2494", "RHSA-2017:2633", "RHSA-2017:2635", "RHSA-2017:2636", "RHSA-2017:2637", "RHSA-2017:2638", "RHSA-2017:2808", "RHSA-2017:2809", "RHSA-2017:2810", "RHSA-2017:2811", "RHSA-2017:2888", "RHSA-2017:2889", "RHSA-2017:3080", "RHSA-2017:3081", "RHSA-2017:3244", "RHSA-2017:3399", "RHSA-2017:3400", "RHSA-2019:1545", "RHSA-2020:2391", "RHSA-2020:3626", "RHSA-2020:3779", "RHSA-2020:3817", "RHSA-2020:5568", "RHSA-2021:0603", "RHSA-2021:1044", "RHSA-2021:3140", "RHSA-2021:5134", "RHSA-2022:0497", "RHSA-2022:0507", "RHSA-2022:5053"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-6794", "RH:CVE-2016-6816", "RH:CVE-2017-5645", "RH:CVE-2017-5647", "RH:CVE-2019-17571", "RH:CVE-2020-8022", "RH:CVE-2020-9488"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23687", "SECURITYVULNS:DOC:24207", "SECURITYVULNS:DOC:25181", "SECURITYVULNS:DOC:25621", "SECURITYVULNS:DOC:25623", "SECURITYVULNS:DOC:25624", "SECURITYVULNS:DOC:26655", "SECURITYVULNS:DOC:26953", "SECURITYVULNS:DOC:27069", "SECURITYVULNS:DOC:27155", "SECURITYVULNS:DOC:27826", "SECURITYVULNS:DOC:28773", "SECURITYVULNS:DOC:28802", "SECURITYVULNS:DOC:28803", "SECURITYVULNS:DOC:28804", "SECURITYVULNS:DOC:29396", "SECURITYVULNS:DOC:29397", "SECURITYVULNS:DOC:29650", "SECURITYVULNS:DOC:30326", "SECURITYVULNS:DOC:30327", "SECURITYVULNS:DOC:30328", "SECURITYVULNS:DOC:30343", "SECURITYVULNS:DOC:30752", "SECURITYVULNS:DOC:30754", "SECURITYVULNS:DOC:30756", "SECURITYVULNS:DOC:31079", "SECURITYVULNS:DOC:31682", "SECURITYVULNS:DOC:31745", "SECURITYVULNS:DOC:32025", "SECURITYVULNS:DOC:32123", "SECURITYVULNS:VULN:10784", "SECURITYVULNS:VULN:10986", "SECURITYVULNS:VULN:11269", "SECURITYVULNS:VULN:11406", "SECURITYVULNS:VULN:11792", "SECURITYVULNS:VULN:11888", "SECURITYVULNS:VULN:11927", "SECURITYVULNS:VULN:11973", "SECURITYVULNS:VULN:12149", "SECURITYVULNS:VULN:12279", "SECURITYVULNS:VULN:12725", "SECURITYVULNS:VULN:12747", "SECURITYVULNS:VULN:12836", "SECURITYVULNS:VULN:13080", "SECURITYVULNS:VULN:13207", "SECURITYVULNS:VULN:13537", "SECURITYVULNS:VULN:13578", "SECURITYVULNS:VULN:13590", "SECURITYVULNS:VULN:13783", "SECURITYVULNS:VULN:13868", "SECURITYVULNS:VULN:13964", "SECURITYVULNS:VULN:14031", "SECURITYVULNS:VULN:14233", "SECURITYVULNS:VULN:14280", "SECURITYVULNS:VULN:14393", "SECURITYVULNS:VULN:14462", "SECURITYVULNS:VULN:14601"]}, {"type": "seebug", "idList": ["SSV:19493", "SSV:19510", "SSV:20737", "SSV:20802", "SSV:30033", "SSV:60497", "SSV:60498", "SSV:60814", "SSV:60818", "SSV:60828", "SSV:61553", "SSV:61573", "SSV:61594", "SSV:61595", "SSV:61596", "SSV:68397", "SSV:72458", "SSV:92678", "SSV:92965"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0208-1", "OPENSUSE-SU-2016:0865-1", "OPENSUSE-SU-2016:3129-1", "OPENSUSE-SU-2016:3144-1", "OPENSUSE-SU-2017:1292-1", "OPENSUSE-SU-2020:0051-1", "OPENSUSE-SU-2020:0911-1", "SUSE-SU-2012:0155-1", "SUSE-SU-2016:0769-1", "SUSE-SU-2016:0822-1", "SUSE-SU-2016:0839-1", "SUSE-SU-2016:3079-1", "SUSE-SU-2016:3081-1", "SUSE-SU-2017:1229-1", "SUSE-SU-2017:1382-1", "SUSE-SU-2017:1632-1", "SUSE-SU-2017:1660-1"]}, {"type": "symantec", "idList": ["SMNTC-111264", "SMNTC-1329", "SMNTC-1353", "SMNTC-1419", "SMNTC-97702"]}, {"type": "thn", "idList": ["THN:109F3CE2A5819B3E1345F63EBB346D6C", "THN:523B1918A8FF34F0AEA29BC9BA1A87F7"]}, {"type": "threatpost", "idList": ["THREATPOST:130B2583BEBB3DC417543F1FAB8B38EE", "THREATPOST:2CC2BD1F67B44EC21DA3B6C9FFFE676C"]}, {"type": "tomcat", "idList": ["TOMCAT:00302244B8EC1609058A7D794F9472C7", "TOMCAT:069B7EBB4E58EC2D5411D908E561D693", "TOMCAT:0DBA25EA40A6FEBF5FD9039D7F60718E", "TOMCAT:1175049C7D69C5CB1659C6031402BD19", "TOMCAT:1588F78F09C29F9BFC123F6CFF7D5AA9", "TOMCAT:15CD6728C2514DB3DDC5BB2791C15B30", "TOMCAT:15FF6DF1B5DE765DF9A478C8E8034759", "TOMCAT:17C084F4766F9132988E022F51470E73", "TOMCAT:19B8FA4EC945FD0929C4EAC0F08D41F7", "TOMCAT:1C57B8A512794370194BE52DB897DDB3", "TOMCAT:1CB3810E65438752A9D2B074EFE36CB9", "TOMCAT:1F88AED82411526AE64D4E54A393CB51", "TOMCAT:34B8E0132E7832F3AE76A036F797C1D3", "TOMCAT:3594E2AFE5FA0E4544AECF1CFE736974", "TOMCAT:3AE05A18B72609BB98558765B03067B8", "TOMCAT:3BE7322A30732B9FCCD5C138E261173F", "TOMCAT:3C2EFFD303CA0E5F9DAE3B675F2C2065", "TOMCAT:3FAC6BB614BBE0076581BA0B6BB749B1", "TOMCAT:4659DEAC38E318C13712A886F48A7052", "TOMCAT:4C0559742ED28D4905A11CC802782CFE", "TOMCAT:4FEF3224A3B841D1683CF58ECA4F4632", "TOMCAT:565F6CBE456BA5297C9079BB2E38BCC5", "TOMCAT:5CF1AC4DD8BA54DDC8B420B82C25DBD7", "TOMCAT:604E2DE63F4E10D22151D29C4D2E7487", "TOMCAT:6A4BFE59973660D515D03A0117A1C709", "TOMCAT:6F3CF30F050AD71F2AA3CBA974714EC9", "TOMCAT:7860263723E0BE311D5BD108E603D9BF", "TOMCAT:78606D52CD7CECE336FC03BEC8BAFD03", "TOMCAT:790F7EF00EBD814D5B55BBA9ADFAB91D", "TOMCAT:7D6CD3E96720C9A9ADA5A59DBEF3B7ED", "TOMCAT:7F7A3E46EFAC8D1C471A3C1CB35948A4", "TOMCAT:7FF5C8CC86A7AF5DA33F4B5874774B9B", "TOMCAT:821BD4F9C3B2B6B4987D4BA9A9211D70", "TOMCAT:821F7BD89AAB59FFA98BF04DB2CB99B2", "TOMCAT:83EBFA4095E1BC19531C4F80F79B499B", "TOMCAT:8423D2ED2F8751548B2F3411FE07D05F", "TOMCAT:849CF1402BC4CAFABDA4ED36FA85F4FA", "TOMCAT:8791F7CDB0177860DFE60DFA1152CCD9", "TOMCAT:937E284FF802C2D5A6E9C8A59AB6C822", "TOMCAT:9E43DA1677EA0537439D1A6D19A16EC5", "TOMCAT:9F74434D476EC57FD6BAD357116860DD", "TOMCAT:A0ABC9DEF20FFFC75FE2C962D481E813", "TOMCAT:A98AD8015F0769C8A7E26579E64B5C0C", "TOMCAT:A9CA732DCFA521DE2F3F29229243BBA2", "TOMCAT:AC89226F467ACA1B5EE7147D39391784", "TOMCAT:AC9AF3D10DBAE18A531119F07C58B416", "TOMCAT:B1319C32D6CC051C1213CFD338FD99C3", "TOMCAT:B34608AC39E41A48C158DAC3326F86C0", "TOMCAT:B381EB137FE969CF22F68315CBD8CA51", "TOMCAT:BE318FD56BD13396D4764B1FB7B15BCB", "TOMCAT:CD22C348F4620666ACC68ACA6AF1EB98", "TOMCAT:D0C233C8F4A89CE9F38AE85B31A58AB3", "TOMCAT:DA0F02B918514372365112BFE10C2052", "TOMCAT:DA27CFA745026609962C185F86E4D285", "TOMCAT:DB944B118F9B26AA34A993C1D9DF505F", "TOMCAT:DCB8C0E7C96DD2367CF48625F7A47EDF", "TOMCAT:E1DC6AFC3CA2A246D554966278B61DC6", "TOMCAT:EA3D2D7C5F724461ADF487B3F1B37FFE", "TOMCAT:EA4ED950D02D1F036AB2297B7E4A7048", "TOMCAT:EF109962CD817D1B323F904D966A1DB0", "TOMCAT:F0F8FE52B35B4B90B6C6B9412F88CA1B", "TOMCAT:F487A67EC81D506C39393DA2E9CF2F97"]}, {"type": "ubuntu", "idList": ["USN-1048-1", "USN-1097-1", "USN-1252-1", "USN-1359-1", "USN-1637-1", "USN-1685-1", "USN-1841-1", "USN-2130-1", "USN-2302-1", "USN-2654-1", "USN-2655-1", "USN-3024-1", "USN-3177-1", "USN-3177-2", "USN-3519-1", "USN-4495-1", "USN-4557-1", "USN-5998-1", "USN-976-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1157", "UB:CVE-2010-2227", "UB:CVE-2010-3718", "UB:CVE-2010-4172", "UB:CVE-2010-4312", "UB:CVE-2011-0013", "UB:CVE-2011-0534", "UB:CVE-2011-1184", "UB:CVE-2011-2526", "UB:CVE-2011-3190", "UB:CVE-2011-4858", "UB:CVE-2011-5062", "UB:CVE-2011-5063", "UB:CVE-2011-5064", "UB:CVE-2012-0022", "UB:CVE-2012-2733", "UB:CVE-2012-3544", "UB:CVE-2012-3546", "UB:CVE-2012-4431", "UB:CVE-2012-4534", "UB:CVE-2012-5885", "UB:CVE-2012-5886", "UB:CVE-2012-5887", "UB:CVE-2013-2051", "UB:CVE-2013-2067", "UB:CVE-2013-2185", "UB:CVE-2013-4286", "UB:CVE-2013-4322", "UB:CVE-2013-4444", "UB:CVE-2013-4590", "UB:CVE-2014-0075", "UB:CVE-2014-0096", "UB:CVE-2014-0099", "UB:CVE-2014-0119", "UB:CVE-2014-0227", "UB:CVE-2014-0230", "UB:CVE-2014-7810", "UB:CVE-2015-5174", "UB:CVE-2015-5345", "UB:CVE-2016-0706", "UB:CVE-2016-0714", "UB:CVE-2016-0762", "UB:CVE-2016-5018", "UB:CVE-2016-6794", "UB:CVE-2016-6796", "UB:CVE-2016-6816", "UB:CVE-2017-5645", "UB:CVE-2017-5647", "UB:CVE-2017-6056", "UB:CVE-2019-17571", "UB:CVE-2020-9488"]}, {"type": "veracode", "idList": ["VERACODE:10733", "VERACODE:10808", "VERACODE:10982", "VERACODE:11013", "VERACODE:11064", "VERACODE:11068", "VERACODE:11180", "VERACODE:11230", "VERACODE:11259", "VERACODE:11314", "VERACODE:11560", "VERACODE:11682", "VERACODE:11887", "VERACODE:11991", "VERACODE:12061", "VERACODE:12289", "VERACODE:12348", "VERACODE:12454", "VERACODE:12485", "VERACODE:14294", "VERACODE:14297", "VERACODE:14298", "VERACODE:14299", "VERACODE:14300", "VERACODE:14358", "VERACODE:14359", "VERACODE:14360", "VERACODE:15553", "VERACODE:22224", "VERACODE:25078", "VERACODE:3596", "VERACODE:3860", "VERACODE:3876", "VERACODE:3919"]}, {"type": "vmware", "idList": ["VMSA-2012-0005", "VMSA-2012-0005.4", "VMSA-2013-0006", "VMSA-2013-0006.1", "VMSA-2014-0008", "VMSA-2014-0008.2"]}, {"type": "zdt", "idList": ["1337DAY-ID-27485"]}]}, "affected_software": {"major_version": [{"name": "sterling b2b integrator", "version": 5}, {"name": "sterling b2b integrator", "version": 6}]}, "epss": [{"cve": "CVE-2010-1157", "epss": 0.13345, "percentile": 0.94697, "modified": "2023-05-02"}, {"cve": "CVE-2010-2227", "epss": 0.47156, "percentile": 0.96888, "modified": "2023-05-02"}, {"cve": "CVE-2010-3718", "epss": 0.0024, "percentile": 0.60513, "modified": "2023-05-02"}, {"cve": "CVE-2010-4172", "epss": 0.00994, "percentile": 0.81346, "modified": "2023-05-02"}, {"cve": "CVE-2010-4312", "epss": 0.00203, "percentile": 0.56718, "modified": "2023-05-02"}, {"cve": "CVE-2011-0013", "epss": 0.0012, "percentile": 0.44774, "modified": "2023-05-02"}, {"cve": "CVE-2011-0534", "epss": 0.01214, "percentile": 0.83219, "modified": "2023-05-02"}, {"cve": "CVE-2011-1184", "epss": 0.00181, "percentile": 0.53758, "modified": "2023-05-01"}, {"cve": "CVE-2011-2526", "epss": 0.00046, "percentile": 0.14066, "modified": "2023-05-02"}, {"cve": "CVE-2011-3190", "epss": 0.00573, "percentile": 0.74679, "modified": "2023-05-02"}, {"cve": "CVE-2011-4858", "epss": 0.79902, "percentile": 0.97774, "modified": "2023-05-02"}, {"cve": "CVE-2011-5062", "epss": 0.00181, "percentile": 0.53766, "modified": "2023-05-02"}, {"cve": "CVE-2011-5063", "epss": 0.003, "percentile": 0.64909, "modified": "2023-05-02"}, {"cve": "CVE-2011-5064", "epss": 0.00267, "percentile": 0.62776, "modified": "2023-05-02"}, {"cve": "CVE-2012-0022", "epss": 0.11, "percentile": 0.94242, "modified": "2023-05-02"}, {"cve": "CVE-2012-2733", "epss": 0.12168, "percentile": 0.94508, "modified": "2023-05-01"}, {"cve": "CVE-2012-3544", "epss": 0.93397, "percentile": 0.9858, "modified": "2023-05-01"}, {"cve": "CVE-2012-3546", "epss": 0.0029, "percentile": 0.64371, "modified": "2023-05-01"}, {"cve": "CVE-2012-4431", "epss": 0.00278, "percentile": 0.63535, "modified": "2023-05-01"}, {"cve": "CVE-2012-4534", "epss": 0.92371, "percentile": 0.98445, "modified": "2023-05-01"}, {"cve": "CVE-2012-5885", "epss": 0.0017, "percentile": 0.52638, "modified": "2023-05-01"}, {"cve": "CVE-2012-5886", "epss": 0.00338, "percentile": 0.66998, "modified": "2023-05-01"}, {"cve": "CVE-2012-5887", "epss": 0.00338, "percentile": 0.66998, "modified": "2023-05-01"}, {"cve": "CVE-2013-2067", "epss": 0.0098, "percentile": 0.81203, "modified": "2023-05-01"}, {"cve": "CVE-2013-2185", "epss": 0.00265, "percentile": 0.62574, "modified": "2023-05-01"}, {"cve": "CVE-2013-4286", "epss": 0.00525, "percentile": 0.73493, "modified": "2023-05-01"}, {"cve": "CVE-2013-4322", "epss": 0.94941, "percentile": 0.98851, "modified": "2023-05-01"}, {"cve": "CVE-2013-4444", "epss": 0.06695, "percentile": 0.92759, "modified": "2023-05-01"}, {"cve": "CVE-2013-4590", "epss": 0.00156, "percentile": 0.50535, "modified": "2023-05-01"}, {"cve": "CVE-2014-0075", "epss": 0.02945, "percentile": 0.8933, "modified": "2023-05-01"}, {"cve": "CVE-2014-0096", "epss": 0.00129, "percentile": 0.46229, "modified": "2023-05-01"}, {"cve": "CVE-2014-0099", "epss": 0.0041, "percentile": 0.70041, "modified": "2023-05-01"}, {"cve": "CVE-2014-0119", "epss": 0.00169, "percentile": 0.52352, "modified": "2023-05-01"}, {"cve": "CVE-2014-0227", "epss": 0.95368, "percentile": 0.98977, "modified": "2023-05-01"}, {"cve": "CVE-2014-0230", "epss": 0.04611, "percentile": 0.91329, "modified": "2023-05-01"}, {"cve": "CVE-2014-7810", "epss": 0.00289, "percentile": 0.64276, "modified": "2023-05-01"}, {"cve": "CVE-2015-5174", "epss": 0.00178, "percentile": 0.53479, "modified": "2023-05-01"}, {"cve": "CVE-2015-5345", "epss": 0.00301, "percentile": 0.64971, "modified": "2023-05-01"}, {"cve": "CVE-2016-0706", "epss": 0.00272, "percentile": 0.6313, "modified": "2023-05-01"}, {"cve": "CVE-2016-0714", "epss": 0.00726, "percentile": 0.77897, "modified": "2023-05-01"}, {"cve": "CVE-2016-0762", "epss": 0.00188, "percentile": 0.54843, "modified": "2023-05-01"}, {"cve": "CVE-2016-5018", "epss": 0.00234, "percentile": 0.59979, "modified": "2023-05-01"}, {"cve": "CVE-2016-6794", "epss": 0.0013, "percentile": 0.46492, "modified": "2023-05-01"}, {"cve": "CVE-2016-6796", "epss": 0.00153, "percentile": 0.50121, "modified": "2023-05-01"}, {"cve": "CVE-2016-6816", "epss": 0.00262, "percentile": 0.6235, "modified": "2023-05-01"}, {"cve": "CVE-2017-5645", "epss": 0.03119, "percentile": 0.89614, "modified": "2023-05-01"}, {"cve": "CVE-2017-5647", "epss": 0.00494, "percentile": 0.72672, "modified": "2023-05-01"}, {"cve": "CVE-2019-17571", "epss": 0.97471, "percentile": 0.99935, "modified": "2023-05-01"}, {"cve": "CVE-2020-8022", "epss": 0.00042, "percentile": 0.05657, "modified": "2023-05-01"}, {"cve": "CVE-2020-9488", "epss": 0.0026, "percentile": 0.62223, "modified": "2023-05-01"}], "vulnersScore": 10.9}, "_state": {"dependencies": 0, "score": 1686149893, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "6e274a1d2d0952967da05e20ba556ca1"}, "affectedSoftware": [{"version": "5.2.0.0", "operator": "eq", "name": "sterling b2b integrator"}, {"version": "6.1.1.0", "operator": "eq", "name": "sterling b2b integrator"}]}

{"debian": [{"lastseen": "2023-05-02T16:39:53", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2725-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 18, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat6\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3544 CVE-2013-2067\n\nTwo security issues have been found in the Tomcat servlet and JSP engine:\n\nCVE-2012-3544\n\n The input filter for chunked transfer encodings could trigger high \n resource consumption through malformed CRLF sequences, resulting in \n denial of service.\n\nCVE-2013-2067\n\n The FormAuthenticator module was vulnerable to session fixation.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 6.0.35-1+squeeze3. This update also provides fixes for \nCVE-2012-2733,CVE-2012-3546,CVE-2012-4431, CVE-2012-4534,CVE-2012-5885,\nCVE-2012-5886 and CVE-2012-5887, which were all fixed for stable already.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6.0.35-6+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your tomcat6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-07-18T17:58:50", "type": "debian", "title": "[SECURITY] [DSA 2725-1] tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2733", "CVE-2012-3544", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887", "CVE-2013-2067"], "modified": "2013-07-18T17:58:50", "id": "DEBIAN:DSA-2725-1:3350C", "href": "https://lists.debian.org/debian-security-announce/2013/msg00134.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-02T16:10:40", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3530-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 25, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat6\nCVE ID : CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 \n CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119\n CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174\n CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706\n CVE-2016-0714 CVE-2016-0763\n\nMultiple security vulnerabilities have been fixed in the Tomcat servlet\nand JSP engine, which may result on bypass of security manager\nrestrictions, information disclosure, denial of service or session\nfixation.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 6.0.45+dfsg-1~deb7u1.\n\nWe recommend that you upgrade your tomcat6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-03-25T18:47:56", "type": "debian", "title": "[SECURITY] [DSA 3530-1] tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4590", "CVE-2014-0033", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810", "CVE-2015-5174", "CVE-2015-5345", "CVE-2015-5346", "CVE-2015-5351", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0763"], "modified": "2016-03-25T18:47:56", "id": "DEBIAN:DSA-3530-1:6A530", "href": "https://lists.debian.org/debian-security-announce/2016/msg00104.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-04-29T16:53:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2401-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 02, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat6\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-3190 \n CVE-2011-3375 CVE-2011-4858 CVE-2011-5062 CVE-2011-5063 \n CVE-2011-5064 CVE-2012-0022 \n\nSeveral vulnerabilities have been found in Tomcat, a servlet and JSP \nengine:\n\nCVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064\n\n The HTTP Digest Access Authentication implementation performed\n insufficient countermeasures against replay attacks.\n\nCVE-2011-2204\n\n In rare setups passwords were written into a logfile.\n\nCVE-2011-2526\n \n Missing input sanisiting in the HTTP APR or HTTP NIO connectors\n could lead to denial of service.\n\nCVE-2011-3190\n\n AJP requests could be spoofed in some setups.\n\nCVE-2011-3375\n\n Incorrect request caching could lead to information disclosure.\n\nCVE-2011-4858 CVE-2012-0022\n\n This update adds countermeasures against a collision denial of \n service vulnerability in the Java hashtable implementation and\n addresses denial of service potentials when processing large\n amounts of requests.\n\nAdditional information can be \nfound at http://tomcat.apache.org/security-6.html \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.35-1+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.35-1.\n\nWe recommend that you upgrade your tomcat6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-02-02T19:29:50", "type": "debian", "title": "[SECURITY] [DSA 2401-1] tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-3375", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022"], "modified": "2012-02-02T19:29:50", "id": "DEBIAN:DSA-2401-1:5C59D", "href": "https://lists.debian.org/debian-security-announce/2012/msg00025.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T22:36:58", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3447-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat7\nCVE ID : CVE-2014-7810\n\nIt was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\nCVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and\nCVE-2014-0230, which were all fixed for the stable distribution (jessie)\nalready.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2016-01-17T15:47:11", "type": "debian", "title": "[SECURITY] [DSA 3447-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4444", "CVE-2014-0075", "CVE-2014-0099", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"], "modified": "2016-01-17T15:47:11", "id": "DEBIAN:DSA-3447-1:BF5C1", "href": "https://lists.debian.org/debian-security-announce/2016/msg00017.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-02T16:14:40", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3447-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat7\nCVE ID : CVE-2014-7810\n\nIt was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\nCVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and\nCVE-2014-0230, which were all fixed for the stable distribution (jessie)\nalready.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2016-01-17T15:47:11", "type": "debian", "title": "[SECURITY] [DSA 3447-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4444", "CVE-2014-0075", "CVE-2014-0099", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"], "modified": "2016-01-17T15:47:11", "id": "DEBIAN:DSA-3447-1:CE269", "href": "https://lists.debian.org/debian-security-announce/2016/msg00017.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-02T16:57:59", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2160-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 13, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat6\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-3718 CVE-2011-0013 CVE-2011-0534\nDebian Bug : 612257\n\nSeveral vulnerabilities were discovered in the Tomcat Servlet and JSP\nengine:\n\nCVE-2010-3718\n\n It was discovered that the SecurityManager insufficiently\n restricted the working directory.\n\nCVE-2011-0013\n\n It was discovered that the HTML manager interface is affected\n by cross-site scripting.\n\nCVE-2011-0534\n\n It was discovered that NIO connector performs insufficient\n validation of the HTTP headers, which could lead to denial\n of service.\n\nThe oldstable distribution (lenny) is not affected by these issues.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.28-9+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.28-10.\n\nWe recommend that you upgrade your tomcat6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-02-13T18:36:11", "type": "debian", "title": "[SECURITY] [DSA 2160-1] tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3718", "CVE-2011-0013", "CVE-2011-0534"], "modified": "2011-02-13T18:36:11", "id": "DEBIAN:DSA-2160-1:C8CCD", "href": "https://lists.debian.org/debian-security-announce/2011/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:29:42", "description": "\nTwo security issues have been found in the Tomcat servlet and JSP engine:\n\n\n* [CVE-2012-3544](https://security-tracker.debian.org/tracker/CVE-2012-3544)\nThe input filter for chunked transfer encodings could trigger high\n resource consumption through malformed CRLF sequences, resulting in\n denial of service.\n* [CVE-2013-2067](https://security-tracker.debian.org/tracker/CVE-2013-2067)\nThe FormAuthenticator module was vulnerable to session fixation.\n\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 6.0.35-1+squeeze3. This update also provides fixes for\n[CVE-2012-2733](https://security-tracker.debian.org/tracker/CVE-2012-2733),\n[CVE-2012-3546](https://security-tracker.debian.org/tracker/CVE-2012-3546),\n[CVE-2012-4431](https://security-tracker.debian.org/tracker/CVE-2012-4431),\n[CVE-2012-4534](https://security-tracker.debian.org/tracker/CVE-2012-4534),\n[CVE-2012-5885](https://security-tracker.debian.org/tracker/CVE-2012-5885),\n[CVE-2012-5886](https://security-tracker.debian.org/tracker/CVE-2012-5886) and\n[CVE-2012-5887](https://security-tracker.debian.org/tracker/CVE-2012-5887),\nwhich were all fixed for stable already.\n\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6.0.35-6+deb7u1.\n\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\n\nWe recommend that you upgrade your tomcat6 packages.\n\n\n", "cvss3": {}, "published": "2013-07-18T00:00:00", "type": "osv", "title": "tomcat6 - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3544", "CVE-2012-5887", "CVE-2012-4431", "CVE-2012-2733", "CVE-2013-2067", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2022-07-21T05:48:01", "id": "OSV:DSA-2725-1", "href": "https://osv.dev/vulnerability/DSA-2725-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:11:05", "description": "\nMultiple security vulnerabilities have been fixed in the Tomcat servlet\nand JSP engine, which may result on bypass of security manager\nrestrictions, information disclosure, denial of service or session\nfixation.\n\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 6.0.45+dfsg-1~deb7u1.\n\n\nWe recommend that you upgrade your tomcat6 packages.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-25T00:00:00", "type": "osv", "title": "tomcat6 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5351", "CVE-2014-0227", "CVE-2014-0230", "CVE-2016-0714", "CVE-2015-5345", "CVE-2016-0763", "CVE-2014-0099", "CVE-2014-0119", "CVE-2013-4322", "CVE-2015-5346", "CVE-2013-4286", "CVE-2015-5174", "CVE-2013-4590", "CVE-2014-7810", "CVE-2016-0706", "CVE-2014-0096", "CVE-2014-0075", "CVE-2014-0033"], "modified": "2022-08-10T07:11:00", "id": "OSV:DSA-3530-1", "href": "https://osv.dev/vulnerability/DSA-3530-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-21T08:30:58", "description": "\nSeveral vulnerabilities have been found in Tomcat, a servlet and JSP\nengine:\n\n\n* [CVE-2011-1184](https://security-tracker.debian.org/tracker/CVE-2011-1184) [CVE-2011-5062](https://security-tracker.debian.org/tracker/CVE-2011-5062) [CVE-2011-5063](https://security-tracker.debian.org/tracker/CVE-2011-5063) [CVE-2011-5064](https://security-tracker.debian.org/tracker/CVE-2011-5064)\nThe HTTP Digest Access Authentication implementation performed\n insufficient countermeasures against replay attacks.\n* [CVE-2011-2204](https://security-tracker.debian.org/tracker/CVE-2011-2204)\nIn rare setups passwords were written into a logfile.\n* [CVE-2011-2526](https://security-tracker.debian.org/tracker/CVE-2011-2526)\nMissing input sanitising in the HTTP APR or HTTP NIO connectors\n could lead to denial of service.\n* [CVE-2011-3190](https://security-tracker.debian.org/tracker/CVE-2011-3190)\nAJP requests could be spoofed in some setups.\n* [CVE-2011-3375](https://security-tracker.debian.org/tracker/CVE-2011-3375)\nIncorrect request caching could lead to information disclosure.\n* [CVE-2011-4858](https://security-tracker.debian.org/tracker/CVE-2011-4858) [CVE-2012-0022](https://security-tracker.debian.org/tracker/CVE-2012-0022)\nThis update adds countermeasures against a collision denial of\n service vulnerability in the Java hashtable implementation and\n addresses denial of service potentials when processing large\n amounts of requests.\n\n\nAdditional information can be\nfound at \n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.35-1+squeeze2.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.35-1.\n\n\nWe recommend that you upgrade your tomcat6 packages.\n\n\n", "cvss3": {}, "published": "2012-02-02T00:00:00", "type": "osv", "title": "tomcat6 - several", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0022", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-4858", "CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-3375", "CVE-2011-5064", "CVE-2011-3190"], "modified": "2022-07-21T05:47:37", "id": "OSV:DSA-2401-1", "href": "https://osv.dev/vulnerability/DSA-2401-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:08:33", "description": "\nIt was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\n\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\n[CVE-2013-4444](https://security-tracker.debian.org/tracker/CVE-2013-4444), [CVE-2014-0075](https://security-tracker.debian.org/tracker/CVE-2014-0075), [CVE-2014-0099](https://security-tracker.debian.org/tracker/CVE-2014-0099), [CVE-2014-0227](https://security-tracker.debian.org/tracker/CVE-2014-0227) and\n[CVE-2014-0230](https://security-tracker.debian.org/tracker/CVE-2014-0230), which were all fixed for the stable distribution (jessie)\nalready.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\n\nWe recommend that you upgrade your tomcat7 packages.\n\n\n", "cvss3": {}, "published": "2016-01-17T00:00:00", "type": "osv", "title": "tomcat7 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0099", "CVE-2014-7810", "CVE-2014-0075", "CVE-2013-4444"], "modified": "2022-08-10T07:08:27", "id": "OSV:DSA-3447-1", "href": "https://osv.dev/vulnerability/DSA-3447-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-21T08:31:44", "description": "\n\nSeveral vulnerabilities were discovered in the Tomcat Servlet and JSP\nengine:\n\n\n\n* [CVE-2010-3718](https://security-tracker.debian.org/tracker/CVE-2010-3718)\n\n It was discovered that the SecurityManager insufficiently\n restricted the working directory.\n* [CVE-2011-0013](https://security-tracker.debian.org/tracker/CVE-2011-0013)\n\n It was discovered that the HTML manager interface is affected\n by cross-site scripting.\n* [CVE-2011-0534](https://security-tracker.debian.org/tracker/CVE-2011-0534)\n\n It was discovered that NIO connector performs insufficient\n validation of the HTTP headers, which could lead to denial\n of service.\n\n\n\nThe oldstable distribution (lenny) is not affected by these issues.\n\n\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.28-9+squeeze1.\n\n\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.28-10.\n\n\n\n\nWe recommend that you upgrade your tomcat6 packages.\n\n\n\n", "cvss3": {}, "published": "2011-02-13T00:00:00", "type": "osv", "title": "tomcat6 - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718"], "modified": "2022-07-21T05:47:19", "id": "OSV:DSA-2160-1", "href": "https://osv.dev/vulnerability/DSA-2160-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:51:31", "description": "Two security issues have been found in the Tomcat servlet and JSP engine:\n\nCVE-2012-3544 \nThe input filter for chunked transfer encodings could trigger high\nresource consumption through malformed CRLF sequences, resulting in\ndenial of service.\n\nCVE-2013-2067 \nThe FormAuthenticator module was vulnerable to session fixation.", "cvss3": {}, "published": "2013-07-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2725-1 (tomcat6 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2012-5887", "CVE-2012-4431", "CVE-2012-2733", "CVE-2013-2067", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892725", "href": "http://plugins.openvas.org/nasl.php?oid=892725", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2725.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2725-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"tomcat6 on Debian Linux\";\ntag_insight = \"Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)\nspecifications from Sun Microsystems, and provides a 'pure Java' HTTP web\nserver environment for Java code to run.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 6.0.35-1+squeeze3. This update also provides fixes for\nCVE-2012-2733,\nCVE-2012-3546,\nCVE-2012-4431,\nCVE-2012-4534,\nCVE-2012-5885,\nCVE-2012-5886 and\nCVE-2012-5887 \n,\nwhich were all fixed for stable already.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6.0.35-6+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your tomcat6 packages.\";\ntag_summary = \"Two security issues have been found in the Tomcat servlet and JSP engine:\n\nCVE-2012-3544 \nThe input filter for chunked transfer encodings could trigger high\nresource consumption through malformed CRLF sequences, resulting in\ndenial of service.\n\nCVE-2013-2067 \nThe FormAuthenticator module was vulnerable to session fixation.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892725);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-4534\", \"CVE-2012-3544\", \"CVE-2013-2067\", \"CVE-2012-5885\", \"CVE-2012-5887\", \"CVE-2012-4431\", \"CVE-2012-2733\", \"CVE-2012-5886\", \"CVE-2012-3546\");\n script_name(\"Debian Security Advisory DSA 2725-1 (tomcat6 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-07-18 00:00:00 +0200 (Thu, 18 Jul 2013)\");\n script_tag(name: \"cvss_base\", value:\"6.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2725.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.4-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-extras\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:08", "description": "Two security issues have been found in the Tomcat servlet and JSP engine:\n\nCVE-2012-3544\nThe input filter for chunked transfer encodings could trigger high\nresource consumption through malformed CRLF sequences, resulting in\ndenial of service.\n\nCVE-2013-2067\nThe FormAuthenticator module was vulnerable to session fixation.", "cvss3": {}, "published": "2013-07-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2725-1 (tomcat6 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2012-5887", "CVE-2012-4431", "CVE-2012-2733", "CVE-2013-2067", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892725", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2725.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2725-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892725\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-4534\", \"CVE-2012-3544\", \"CVE-2013-2067\", \"CVE-2012-5885\", \"CVE-2012-5887\", \"CVE-2012-4431\", \"CVE-2012-2733\", \"CVE-2012-5886\", \"CVE-2012-3546\");\n script_name(\"Debian Security Advisory DSA 2725-1 (tomcat6 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-18 00:00:00 +0200 (Thu, 18 Jul 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2725.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"tomcat6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 6.0.35-1+squeeze3. This update also provides fixes for\nCVE-2012-2733,\nCVE-2012-3546,\nCVE-2012-4431,\nCVE-2012-4534,\nCVE-2012-5885,\nCVE-2012-5886 and\nCVE-2012-5887\n,\nwhich were all fixed for stable already.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6.0.35-6+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your tomcat6 packages.\");\n script_tag(name:\"summary\", value:\"Two security issues have been found in the Tomcat servlet and JSP engine:\n\nCVE-2012-3544\nThe input filter for chunked transfer encodings could trigger high\nresource consumption through malformed CRLF sequences, resulting in\ndenial of service.\n\nCVE-2013-2067\nThe FormAuthenticator module was vulnerable to session fixation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.4-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-extras\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-6+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201412-29", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-29", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2013-2071", "CVE-2012-5887", "CVE-2014-0099", "CVE-2014-0119", "CVE-2013-4322", "CVE-2012-4431", "CVE-2012-2733", "CVE-2014-0050", "CVE-2013-2067", "CVE-2013-4286", "CVE-2013-4590", "CVE-2014-0096", "CVE-2014-0075", "CVE-2012-3546", "CVE-2012-5886", "CVE-2014-0033", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121315", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121315", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-29.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121315\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:17 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-29\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Tomcat. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-29\");\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-3544\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\", \"CVE-2013-2067\", \"CVE-2013-2071\", \"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0033\", \"CVE-2014-0050\", \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-29\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"ge 7.0.56\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"ge 6.0.41\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(), vulnerable: make_list(\"lt 7.0.56\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:04", "description": "Multiple security vulnerabilities have\nbeen fixed in the Tomcat servlet and JSP engine, which may result on bypass of\nsecurity manager restrictions, information disclosure, denial of service or session\nfixation.", "cvss3": {}, "published": "2016-03-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3530-1 (tomcat6 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5351", "CVE-2014-0227", "CVE-2014-0230", "CVE-2016-0714", "CVE-2015-5345", "CVE-2016-0763", "CVE-2014-0099", "CVE-2014-0119", "CVE-2013-4322", "CVE-2015-5346", "CVE-2013-4286", "CVE-2015-5174", "CVE-2013-4590", "CVE-2014-7810", "CVE-2016-0706", "CVE-2014-0096", "CVE-2014-0075", "CVE-2014-0033"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703530", "href": "http://plugins.openvas.org/nasl.php?oid=703530", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3530.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3530-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703530);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0033\",\n \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\",\n \"CVE-2014-0227\", \"CVE-2014-0230\", \"CVE-2014-7810\", \"CVE-2015-5174\",\n \"CVE-2015-5345\", \"CVE-2015-5346\", \"CVE-2015-5351\", \"CVE-2016-0706\",\n \"CVE-2016-0714\", \"CVE-2016-0763\");\n script_name(\"Debian Security Advisory DSA 3530-1 (tomcat6 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-03-25 00:00:00 +0100 (Fri, 25 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3530.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat6 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java\nServlet and the JavaServer Pages (JSP) specifications from Sun Microsystems,\nand provides a 'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 6.0.45+dfsg-1~deb7u1.\n\nWe recommend that you upgrade your tomcat6 packages.\");\n script_tag(name: \"summary\", value: \"Multiple security vulnerabilities have\nbeen fixed in the Tomcat servlet and JSP engine, which may result on bypass of\nsecurity manager restrictions, information disclosure, denial of service or session\nfixation.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet2.4-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-extras\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.45+dfsg-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:39", "description": "Multiple security vulnerabilities have\nbeen fixed in the Tomcat servlet and JSP engine, which may result on bypass of\nsecurity manager restrictions, information disclosure, denial of service or session\nfixation.", "cvss3": {}, "published": "2016-03-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3530-1 (tomcat6 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5351", "CVE-2014-0227", "CVE-2014-0230", "CVE-2016-0714", "CVE-2015-5345", "CVE-2016-0763", "CVE-2014-0099", "CVE-2014-0119", "CVE-2013-4322", "CVE-2015-5346", "CVE-2013-4286", "CVE-2015-5174", "CVE-2013-4590", "CVE-2014-7810", "CVE-2016-0706", "CVE-2014-0096", "CVE-2014-0075", "CVE-2014-0033"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703530", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703530", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3530.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3530-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703530\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0033\",\n \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\",\n \"CVE-2014-0227\", \"CVE-2014-0230\", \"CVE-2014-7810\", \"CVE-2015-5174\",\n \"CVE-2015-5345\", \"CVE-2015-5346\", \"CVE-2015-5351\", \"CVE-2016-0706\",\n \"CVE-2016-0714\", \"CVE-2016-0763\");\n script_name(\"Debian Security Advisory DSA 3530-1 (tomcat6 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-25 00:00:00 +0100 (Fri, 25 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3530.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"tomcat6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 6.0.45+dfsg-1~deb7u1.\n\nWe recommend that you upgrade your tomcat6 packages.\");\n script_tag(name:\"summary\", value:\"Multiple security vulnerabilities have\nbeen fixed in the Tomcat servlet and JSP engine, which may result on bypass of\nsecurity manager restrictions, information disclosure, denial of service or session\nfixation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet2.4-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-extras\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.45+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T18:59:18", "description": "Oracle Linux Local Security Checks ELSA-2013-0623", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0623", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310123666", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123666", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123666\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:00 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0623\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0623 - tomcat6 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0623\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0623.html\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~52.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-22T13:09:36", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat6 CESA-2013:0623 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:881689", "href": "http://plugins.openvas.org/nasl.php?oid=881689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat6 CESA-2013:0623 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending _security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n \n A flaw was found in the way Tomcat handled sendfile operations when using\n the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\n could use this flaw to cause a denial of service (infinite loop). The HTTP\n blocking IO (BIO) connector, which is not vulnerable to this issue, is used\n by default in Red Hat Enterprise Linux 6. (CVE-2012-4534)\n \n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n \n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\";\n\n\ntag_affected = \"tomcat6 on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019640.html\");\n script_id(881689);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:52:48 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2013:0623\");\n script_name(\"CentOS Update for tomcat6 CESA-2013:0623 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-26T11:10:02", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat6 RHSA-2013:0623-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:870958", "href": "http://plugins.openvas.org/nasl.php?oid=870958", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat6 RHSA-2013:0623-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending /j_security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n A flaw was found in the way Tomcat handled sendfile operations when using\n the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\n could use this flaw to cause a denial of service (infinite loop). The HTTP\n blocking IO (BIO) connector, which is not vulnerable to this issue, is used\n by default in Red Hat Enterprise Linux 6. (CVE-2012-4534)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\";\n\n\ntag_affected = \"tomcat6 on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00029.html\");\n script_id(870958);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:53:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2013:0623-01\");\n script_name(\"RedHat Update for tomcat6 RHSA-2013:0623-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-14T19:02:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat6 CESA-2013:0623 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310881689", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881689", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019640.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881689\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:52:48 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2013:0623\");\n script_name(\"CentOS Update for tomcat6 CESA-2013:0623 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat6'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"tomcat6 on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending _security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n A flaw was found in the way Tomcat handled sendfile operations when using\n the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\n could use this flaw to cause a denial of service (infinite loop). The HTTP\n blocking IO (BIO) connector, which is not vulnerable to this issue, is used\n by default in Red Hat Enterprise Linux 6. (CVE-2012-4534)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~52.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T19:02:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat6 RHSA-2013:0623-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-4534", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310870958", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870958", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00029.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870958\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:53:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2013:0623-01\");\n script_name(\"RedHat Update for tomcat6 RHSA-2013:0623-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat6'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"tomcat6 on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending /j_security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n A flaw was found in the way Tomcat handled sendfile operations when using\n the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\n could use this flaw to cause a denial of service (infinite loop). The HTTP\n blocking IO (BIO) connector, which is not vulnerable to this issue, is used\n by default in Red Hat Enterprise Linux 6. (CVE-2012-4534)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~52.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:50:33", "description": "The remote host is missing an update to tomcat6\nannounced via advisory DSA 2401-1.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2401-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0022", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-4858", "CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-3375", "CVE-2011-5064", "CVE-2011-3190"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70718", "href": "http://plugins.openvas.org/nasl.php?oid=70718", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2401_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2401-1 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been found in Tomcat, a servlet and JSP\nengine:\n\nCVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064\n\nThe HTTP Digest Access Authentication implementation performed\ninsufficient countermeasures against replay attacks.\n\nCVE-2011-2204\n\nIn rare setups passwords were written into a logfile.\n\nCVE-2011-2526\n\nMissing input sanisiting in the HTTP APR or HTTP NIO connectors\ncould lead to denial of service.\n\nCVE-2011-3190\n\nAJP requests could be spoofed in some setups.\n\nCVE-2011-3375\n\nIncorrect request caching could lead to information disclosure.\n\nCVE-2011-4858 CVE-2012-0022\n\nThis update adds countermeasures against a collision denial of\nservice vulnerability in the Java hashtable implementation and\naddresses denial of service potentials when processing large\namounts of requests.\n\nAdditional information can be\nfound at http://tomcat.apache.org/security-6.html\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.35-1+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.35-1.\n\nWe recommend that you upgrade your tomcat6 packages.\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory DSA 2401-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202401-1\";\n\nif(description)\n{\n script_id(70718);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:38:55 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2401-1 (tomcat6)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:53", "description": "The remote host is missing an update to tomcat6\nannounced via advisory DSA 2401-1.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2401-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0022", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-4858", "CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-3375", "CVE-2011-5064", "CVE-2011-3190"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070718", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070718", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2401_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2401-1 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70718\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:38:55 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2401-1 (tomcat6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202401-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been found in Tomcat, a servlet and JSP\nengine:\n\nCVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064\n\nThe HTTP Digest Access Authentication implementation performed\ninsufficient countermeasures against replay attacks.\n\nCVE-2011-2204\n\nIn rare setups passwords were written into a logfile.\n\nCVE-2011-2526\n\nMissing input sanisiting in the HTTP APR or HTTP NIO connectors\ncould lead to denial of service.\n\nCVE-2011-3190\n\nAJP requests could be spoofed in some setups.\n\nCVE-2011-3375\n\nIncorrect request caching could lead to information disclosure.\n\nCVE-2011-4858 CVE-2012-0022\n\nThis update adds countermeasures against a collision denial of\nservice vulnerability in the Java hashtable implementation and\naddresses denial of service potentials when processing large\namounts of requests.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.35-1+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.35-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your tomcat6 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to tomcat6\nannounced via advisory DSA 2401-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.35-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:06", "description": "It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.", "cvss3": {}, "published": "2016-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3447-1 (tomcat7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0099", "CVE-2014-7810", "CVE-2014-0075", "CVE-2013-4444"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703447", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703447", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3447.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3447-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703447\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2013-4444\", \"CVE-2014-0075\", \"CVE-2014-0099\", \"CVE-2014-0227\",\n \"CVE-2014-0230\", \"CVE-2014-7810\");\n script_name(\"Debian Security Advisory DSA 3447-1 (tomcat7 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-17 00:00:00 +0100 (Sun, 17 Jan 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3447.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|7|8)\");\n script_tag(name:\"affected\", value:\"tomcat7 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution\n(wheezy), this problem has been fixed in version 7.0.28-4+deb7u3. This update\nalso provides fixes for CVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227\nand CVE-2014-0230, which were all fixed for the stable distribution (jessie)\nalready.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\nWe recommend that you upgrade your tomcat7 packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.61-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.28-4+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.56-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:54:59", "description": "It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.", "cvss3": {}, "published": "2016-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3447-1 (tomcat7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0099", "CVE-2014-7810", "CVE-2014-0075", "CVE-2013-4444"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703447", "href": "http://plugins.openvas.org/nasl.php?oid=703447", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3447.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3447-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703447);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2013-4444\", \"CVE-2014-0075\", \"CVE-2014-0099\", \"CVE-2014-0227\",\n \"CVE-2014-0230\", \"CVE-2014-7810\");\n script_name(\"Debian Security Advisory DSA 3447-1 (tomcat7 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-01-17 00:00:00 +0100 (Sun, 17 Jan 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3447.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat7 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java\nServlet and the JavaServer Pages (JSP) specifications from Sun Microsystems,\nand provides a 'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution\n(wheezy), this problem has been fixed in version 7.0.28-4+deb7u3. This update\nalso provides fixes for CVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227\nand CVE-2014-0230 , which were all fixed for the stable distribution (jessie)\nalready.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\nWe recommend that you upgrade your tomcat7 packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.61-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.28-4+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.56-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-03-14T18:58:58", "description": "Oracle Linux Local Security Checks ELSA-2011-1845", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1845", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2204", "CVE-2011-0013", "CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2010-3718", "CVE-2011-5064"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310122020", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122020", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122020\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:48 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1845\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1845 - tomcat5 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1845\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1845.html\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.22.el5_7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T18:59:32", "description": "Oracle Linux Local Security Checks ELSA-2011-1780", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1780", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2204", "CVE-2011-2526", "CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-5064", "CVE-2011-3190"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310122047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122047", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122047\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:11 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1780\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1780 - tomcat6 security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1780\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1780.html\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~35.el6_1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The host is running Apache Tomcat Server and is prone to multiple\n security bypass vulnerabilities.", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "openvas", "title": "Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-5064"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310802415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802415", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802415\");\n script_version(\"2019-05-10T11:41:35+0000\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(49762);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 11:41:35 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-01-16 15:35:35 +0530 (Mon, 16 Jan 2012)\");\n script_name(\"Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-5.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1158180\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1159309\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1087655\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allows remote attackers to bypass intended\n access restrictions or gain sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat 5.5.x to 5.5.33, 6.x to 6.0.32 and 7.x to 7.0.11 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to errors in the HTTP Digest Access Authentication\n implementation,\n\n - which fails to check 'qop' and 'realm' values and allows to bypass\n access restrictions.\n\n - Catalina used as the hard-coded server secret in the\n DigestAuthenticator.java bypasses cryptographic protection mechanisms.\n\n - which fails to have the expected countermeasures against replay attacks.\");\n\n script_tag(name:\"summary\", value:\"The host is running Apache Tomcat Server and is prone to multiple\n security bypass vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Upgrade Apache Tomcat to 5.5.34, 6.0.33, 7.0.12 or later.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif( version_in_range( version:vers, test_version:\"5.5.0\", test_version2:\"5.5.33\" ) ||\n version_in_range( version:vers, test_version:\"6.0.0\", test_version2:\"6.0.32\" ) ||\n version_in_range( version:vers, test_version:\"7.0.0\", test_version2:\"7.0.11\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.5.34/6.0.33/7.0.12\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T18:41:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-02T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tomcat6 (openSUSE-SU-2012:0208-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-5064"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850210", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850210", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850210\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 20:47:11 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0208-1\");\n script_name(\"openSUSE: Security Advisory for tomcat6 (openSUSE-SU-2012:0208-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat6'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.4\");\n\n script_tag(name:\"affected\", value:\"tomcat6 on openSUSE 11.4\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"This update fixes a regression in parameter passing (in\n urldecoding of parameters that contain spaces).\n\n In addition, multiple weaknesses in HTTP DIGESTS are fixed\n (CVE-2011-1184).\n\n\n CVE-2011-5062: The HTTP Digest Access Authentication\n implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x\n before 6.0.33 and 7.x before 7.0.12 does not check qop\n values, which might allow remote attackers to bypass\n intended integrity-protection requirements via a qop=auth\n value, a different vulnerability than CVE-2011-1184.\n\n CVE-2011-5063: The HTTP Digest Access Authentication\n implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x\n before 6.0.33, and 7.x before 7.0.12 does not check realm\n values, which might allow remote attackers to bypass\n intended access restrictions by leveraging the availability\n of a protection space with weaker authentication or\n authorization requirements, a different vulnerability than\n CVE-2011-1184.\n\n CVE-2011-5064: DigestAuthenticator.java in the HTTP Digest\n Access Authentication implementation in Apache Tomcat 5.5.x\n before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12\n uses Catalina as the hard-coded server secret (aka private\n key), which makes it easier for remote attackers to bypass\n cryptographic protection mechanisms by leveraging knowledge\n of this string, a different vulnerability than\n CVE-2011-1184.\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-el-1_0-api\", rpm:\"tomcat6-el-1_0-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-jsp-2_1-api\", rpm:\"tomcat6-jsp-2_1-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-servlet-2_5-api\", rpm:\"tomcat6-servlet-2_5-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.32~7.14.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:19", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2012-08-02T00:00:00", "type": "openvas", "title": "SuSE Update for tomcat6 openSUSE-SU-2012:0208-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-5063", "CVE-2011-5062", "CVE-2011-1184", "CVE-2011-5064"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:850210", "href": "http://plugins.openvas.org/nasl.php?oid=850210", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_0208_1.nasl 8265 2018-01-01 06:29:23Z teissa $\n#\n# SuSE Update for tomcat6 openSUSE-SU-2012:0208-1 (tomcat6)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update fixes a regression in parameter passing (in\n urldecoding of parameters that contain spaces).\n\n In addition, multiple weaknesses in HTTP DIGESTS are fixed\n (CVE-2011-1184).\n\n\n CVE-2011-5062: The HTTP Digest Access Authentication\n implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x\n before 6.0.33 and 7.x before 7.0.12 does not check qop\n values, which might allow remote attackers to bypass\n intended integrity-protection requirements via a qop=auth\n value, a different vulnerability than CVE-2011-1184.\n\n CVE-2011-5063: The HTTP Digest Access Authentication\n implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x\n before 6.0.33, and 7.x before 7.0.12 does not check realm\n values, which might allow remote attackers to bypass\n intended access restrictions by leveraging the availability\n of a protection space with weaker authentication or\n authorization requirements, a different vulnerability than\n CVE-2011-1184.\n\n CVE-2011-5064: DigestAuthenticator.java in the HTTP Digest\n Access Authentication implementation in Apache Tomcat 5.5.x\n before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12\n uses Catalina as the hard-coded server secret (aka private\n key), which makes it easier for remote attackers to bypass\n cryptographic protection mechanisms by leveraging knowledge\n of this string, a different vulnerability than\n CVE-2011-1184.\n\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\";\n\ntag_affected = \"tomcat6 on openSUSE 11.4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850210);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 20:47:11 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:0208_1\");\n script_name(\"SuSE Update for tomcat6 openSUSE-SU-2012:0208-1 (tomcat6)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el-1_0-api\", rpm:\"tomcat6-el-1_0-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2_1-api\", rpm:\"tomcat6-jsp-2_1-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2_5-api\", rpm:\"tomcat6-servlet-2_5-api~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.32~7.14.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-22T13:10:44", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2013:0640 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:881687", "href": "http://plugins.openvas.org/nasl.php?oid=881687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat5 CESA-2013:0640 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending &quot;/j_security_check&quot; to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n \n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n \n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\";\n\n\ntag_affected = \"tomcat5 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019645.html\");\n script_id(881687);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:52:23 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2013:0640\");\n script_name(\"CentOS Update for tomcat5 CESA-2013:0640 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-27T10:51:55", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat5 RHSA-2013:0640-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870965", "href": "http://plugins.openvas.org/nasl.php?oid=870965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat5 RHSA-2013:0640-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending /j_security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\";\n\n\ntag_affected = \"tomcat5 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00042.html\");\n script_id(870965);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:50:44 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2013:0640-01\");\n script_name(\"RedHat Update for tomcat5 RHSA-2013:0640-01\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-14T19:02:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2013:0640 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310881687", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881687", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019645.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881687\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:52:23 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2013:0640\");\n script_name(\"CentOS Update for tomcat5 CESA-2013:0640 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"tomcat5 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending '/j_security_check' to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.38.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T19:02:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat5 RHSA-2013:0640-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310870965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870965", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00042.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870965\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:50:44 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2013:0640-01\");\n script_name(\"RedHat Update for tomcat5 RHSA-2013:0640-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"tomcat5 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container.\n\n It was found that when an application used FORM authentication, along with\n another component that calls request.setUserPrincipal() before the call to\n FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was\n possible to bypass the security constraint checks in the FORM authenticator\n by appending /j_security_check to the end of a URL. A remote attacker\n with an authenticated session on an affected application could use this\n flaw to circumvent authorization controls, and thereby access resources not\n permitted by the roles associated with their authenticated session.\n (CVE-2012-3546)\n\n Multiple weaknesses were found in the Tomcat DIGEST authentication\n implementation, effectively reducing the security normally provided by\n DIGEST authentication. A remote attacker could use these flaws to perform\n replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\n\n Users of Tomcat should upgrade to these updated packages, which correct\n these issues. Tomcat must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.38.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T19:00:22", "description": "Oracle Linux Local Security Checks ELSA-2013-0640", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0640", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-3546", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310123663", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123663", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123663\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:06:57 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0640\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0640 - tomcat5 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0640\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0640.html\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.38.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat6 FEDORA-2011-13457", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2204", "CVE-2011-2526", "CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718", "CVE-2011-3190"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat6 FEDORA-2011-13457\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068453.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863592\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-13457\");\n script_cve_id(\"CVE-2011-3190\", \"CVE-2011-2526\", \"CVE-2011-2204\", \"CVE-2011-0534\",\n \"CVE-2011-0013\", \"CVE-2010-3718\");\n script_name(\"Fedora Update for tomcat6 FEDORA-2011-13457\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat6'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"tomcat6 on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.26~27.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:33", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat6 FEDORA-2011-13457", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2204", "CVE-2011-2526", "CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718", "CVE-2011-3190"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863592", "href": "http://plugins.openvas.org/nasl.php?oid=863592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat6 FEDORA-2011-13457\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License version 2.0. Tomcat is intended\n to be a collaboration of the best-of-breed developers from around the world.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat6 on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068453.html\");\n script_id(863592);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-13457\");\n script_cve_id(\"CVE-2011-3190\", \"CVE-2011-2526\", \"CVE-2011-2204\", \"CVE-2011-0534\",\n \"CVE-2011-0013\", \"CVE-2010-3718\");\n script_name(\"Fedora Update for tomcat6 FEDORA-2011-13457\");\n\n script_summary(\"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.26~27.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-01T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2014-11048", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2013-4322", "CVE-2013-4286", "CVE-2013-4590"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868212", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868212", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2014-11048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868212\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:58:08 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2013-4322\", \"CVE-2012-3544\", \"CVE-2013-4590\", \"CVE-2013-4286\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for tomcat FEDORA-2014-11048\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11048\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138686.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.52~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "openvas", "title": "FreeBSD Ports: tomcat", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2012-3439", "CVE-2012-4431", "CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231072606", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_tomcat1.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 152e4c7e-2a2e-11e2-99c7-00a0d181e71d\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72606\");\n script_version(\"$Revision: 11762 $\");\n script_cve_id(\"CVE-2012-3439\", \"CVE-2012-2733\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-3544\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 12:47:33 -0500 (Mon, 26 Nov 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: tomcat\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-5.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/152e4c7e-2a2e-11e2-99c7-00a0d181e71d.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"tomcat\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.5.0\")>0 && revcomp(a:bver, b:\"5.5.36\")<0) {\n txt += \"Package tomcat version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"6.0.0\")>0 && revcomp(a:bver, b:\"6.0.36\")<0) {\n txt += \"Package tomcat version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"7.0.0\")>0 && revcomp(a:bver, b:\"7.0.30\")<0) {\n txt += \"Package tomcat version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:56:13", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-03-31T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-681)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0714", "CVE-2015-5345", "CVE-2015-5174", "CVE-2016-0706"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120671", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120671\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-03-31 08:02:14 +0300 (Thu, 31 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-681)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in Apache Tomcat. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat6 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-681.html\");\n script_cve_id(\"CVE-2015-5174\", \"CVE-2015-5345\", \"CVE-2016-0714\", \"CVE-2016-0706\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.45~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat7 USN-2654-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0119", "CVE-2014-7810"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for tomcat7 USN-2654-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842260\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:39 +0200 (Fri, 26 Jun 2015)\");\n script_cve_id(\"CVE-2014-0119\", \"CVE-2014-0227\", \"CVE-2014-0230\", \"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for tomcat7 USN-2654-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat7'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Tomcat XML\nparser incorrectly handled XML External Entities (XXE). A remote attacker could\npossibly use this issue to read arbitrary files. This issue only affected Ubuntu\n14.04 LTS. (CVE-2014-0119)\n\nIt was discovered that Tomcat incorrectly handled data with malformed\nchunked transfer coding. A remote attacker could possibly use this issue to\nconduct HTTP request smuggling attacks, or cause Tomcat to consume\nresources, resulting in a denial of service. This issue only affected\nUbuntu 14.04 LTS. (CVE-2014-0227)\n\nIt was discovered that Tomcat incorrectly handled HTTP responses occurring\nbefore the entire request body was finished being read. A remote attacker\ncould possibly use this issue to cause memory consumption, resulting in a\ndenial of service. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2014-0230)\n\nIt was discovered that the Tomcat Expression Language (EL) implementation\nincorrectly handled accessible interfaces implemented by inaccessible\nclasses. An attacker could possibly use this issue to bypass a\nSecurityManager protection mechanism. (CVE-2014-7810)\");\n script_tag(name:\"affected\", value:\"tomcat7 on Ubuntu 14.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2654-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2654-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.55-1ubuntu0.2\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.52-1ubuntu0.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-17T23:00:17", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-526)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0099", "CVE-2014-0096", "CVE-2014-0075"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120058", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120058\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:16:27 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-526)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in JBoss Web / Apache Tomcat. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat7 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-526.html\");\n script_cve_id(\"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0227\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-admin-webapps\", rpm:\"tomcat7-admin-webapps~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-el-2.2-api\", rpm:\"tomcat7-el-2.2-api~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-webapps\", rpm:\"tomcat7-webapps~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-log4j\", rpm:\"tomcat7-log4j~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7\", rpm:\"tomcat7~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-jsp-2.2-api\", rpm:\"tomcat7-jsp-2.2-api~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-docs-webapp\", rpm:\"tomcat7-docs-webapp~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-servlet-3.0-api\", rpm:\"tomcat7-servlet-3.0-api~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-javadoc\", rpm:\"tomcat7-javadoc~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat7-lib\", rpm:\"tomcat7-lib~7.0.59~1.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-03-17T22:59:21", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-527)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0099", "CVE-2014-0096", "CVE-2014-0075"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120057", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120057\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:16:25 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-527)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in JBoss Web / Apache Tomcat. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat8 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-527.html\");\n script_cve_id(\"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0227\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-admin-webapps\", rpm:\"tomcat8-admin-webapps~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-servlet-3.1-api\", rpm:\"tomcat8-servlet-3.1-api~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-docs-webapp\", rpm:\"tomcat8-docs-webapp~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-jsp-2.3-api\", rpm:\"tomcat8-jsp-2.3-api~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-webapps\", rpm:\"tomcat8-webapps~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-log4j\", rpm:\"tomcat8-log4j~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-javadoc\", rpm:\"tomcat8-javadoc~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-lib\", rpm:\"tomcat8-lib~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8-el-3.0-api\", rpm:\"tomcat8-el-3.0-api~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat8\", rpm:\"tomcat8~8.0.20~1.53.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-25T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2015-2109", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0227", "CVE-2014-0099", "CVE-2014-0096", "CVE-2014-0075"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869037", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2015-2109\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869037\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-25 05:41:39 +0100 (Wed, 25 Feb 2015)\");\n script_cve_id(\"CVE-2014-0227\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0075\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tomcat FEDORA-2015-2109\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-2109\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.59~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:41", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1637-1", "cvss3": {}, "published": "2012-11-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat6 USN-1637-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3439", "CVE-2012-5887", "CVE-2012-2733", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841222", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841222", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1637_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for tomcat6 USN-1637-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1637-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841222\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:53:31 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\", \"CVE-2012-3439\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1637-1\");\n script_name(\"Ubuntu Update for tomcat6 USN-1637-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1637-1\");\n script_tag(name:\"affected\", value:\"tomcat6 on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Apache Tomcat HTTP NIO connector incorrectly\n handled header data. A remote attacker could cause a denial of service by\n sending requests with a large amount of header data. (CVE-2012-2733)\n\n It was discovered that Apache Tomcat incorrectly handled DIGEST\n authentication. A remote attacker could possibly use these flaws to perform\n a replay attack and bypass authentication. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1ubuntu3.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.32-5ubuntu1.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:20:51", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1637-1", "cvss3": {}, "published": "2012-11-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat6 USN-1637-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3439", "CVE-2012-5887", "CVE-2012-2733", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841222", "href": "http://plugins.openvas.org/nasl.php?oid=841222", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1637_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for tomcat6 USN-1637-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the Apache Tomcat HTTP NIO connector incorrectly\n handled header data. A remote attacker could cause a denial of service by\n sending requests with a large amount of header data. (CVE-2012-2733)\n\n It was discovered that Apache Tomcat incorrectly handled DIGEST\n authentication. A remote attacker could possibly use these flaws to perform\n a replay attack and bypass authentication. (CVE-2012-5885, CVE-2012-5886,\n CVE-2012-5887)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1637-1\";\ntag_affected = \"tomcat6 on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1637-1/\");\n script_id(841222);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:53:31 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\", \"CVE-2012-3439\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1637-1\");\n script_name(\"Ubuntu Update for tomcat6 USN-1637-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1ubuntu3.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.32-5ubuntu1.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:57", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1097-1", "cvss3": {}, "published": "2011-04-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat6 vulnerabilities USN-1097-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840622", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840622", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1097_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for tomcat6 vulnerabilities USN-1097-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1097-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840622\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1097-1\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-0534\");\n script_name(\"Ubuntu Update for tomcat6 vulnerabilities USN-1097-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(9\\.10|10\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1097-1\");\n script_tag(name:\"affected\", value:\"tomcat6 vulnerabilities on Ubuntu 9.10,\n Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Tomcat SecurityManager did not properly restrict\n the working directory. An attacker could use this flaw to read or write\n files outside of the intended working directory. (CVE-2010-3718)\n\n It was discovered that Tomcat did not properly escape certain parameters in\n the Manager application which could result in browsers becoming vulnerable\n to cross-site scripting attacks when processing the output. With cross-site\n scripting vulnerabilities, if a user were tricked into viewing server\n output during a crafted server request, a remote attacker could exploit\n this to modify the contents, or steal confidential data (such as\n passwords), within the same domain. (CVE-2011-0013)\n\n It was discovered that Tomcat incorrectly enforced the maxHttpHeaderSize\n limit in certain configurations. A remote attacker could use this flaw to\n cause Tomcat to consume all available memory, resulting in a denial of\n service. (CVE-2011-0534)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:54", "description": "The remote host is missing an update to tomcat6\nannounced via advisory DSA 2160-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2160-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231068994", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068994", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2160_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2160-1 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68994\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-0534\");\n script_name(\"Debian Security Advisory DSA 2160-1 (tomcat6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202160-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the Tomcat Servlet and JSP\nengine:\n\nCVE-2010-3718\n\nIt was discovered that the SecurityManager insufficiently\nrestricted the working directory.\n\nCVE-2011-0013\n\nIt was discovered that the HTML manager interface is affected\nby cross-site scripting.\n\nCVE-2011-0534\n\nIt was discovered that NIO connector performs insufficient\nvalidation of the HTTP headers, which could lead to denial\nof service.\n\nThe oldstable distribution (lenny) is not affected by these issues.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.28-9+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.28-10.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your tomcat6 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to tomcat6\nannounced via advisory DSA 2160-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"5-java\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"5-java-doc\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:48", "description": "The remote host is missing an update to tomcat6\nannounced via advisory DSA 2160-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2160-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68994", "href": "http://plugins.openvas.org/nasl.php?oid=68994", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2160_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2160-1 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities were discovered in the Tomcat Servlet and JSP\nengine:\n\nCVE-2010-3718\n\nIt was discovered that the SecurityManager insufficiently\nrestricted the working directory.\n\nCVE-2011-0013\n\nIt was discovered that the HTML manager interface is affected\nby cross-site scripting.\n\nCVE-2011-0534\n\nIt was discovered that NIO connector performs insufficient\nvalidation of the HTTP headers, which could lead to denial\nof service.\n\nThe oldstable distribution (lenny) is not affected by these issues.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.28-9+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 6.0.28-10.\n\nWe recommend that you upgrade your tomcat6 packages.\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory DSA 2160-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202160-1\";\n\n\nif(description)\n{\n script_id(68994);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-0534\");\n script_name(\"Debian Security Advisory DSA 2160-1 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"5-java\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"5-java-doc\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.28-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:23", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1097-1", "cvss3": {}, "published": "2011-04-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat6 vulnerabilities USN-1097-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0013", "CVE-2011-0534", "CVE-2010-3718"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840622", "href": "http://plugins.openvas.org/nasl.php?oid=840622", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1097_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for tomcat6 vulnerabilities USN-1097-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the Tomcat SecurityManager did not properly restrict\n the working directory. An attacker could use this flaw to read or write\n files outside of the intended working directory. (CVE-2010-3718)\n\n It was discovered that Tomcat did not properly escape certain parameters in\n the Manager application which could result in browsers becoming vulnerable\n to cross-site scripting attacks when processing the output. With cross-site\n scripting vulnerabilities, if a user were tricked into viewing server\n output during a crafted server request, a remote attacker could exploit\n this to modify the contents, or steal confidential data (such as\n passwords), within the same domain. (CVE-2011-0013)\n \n It was discovered that Tomcat incorrectly enforced the maxHttpHeaderSize\n limit in certain configurations. A remote attacker could use this flaw to\n cause Tomcat to consume all available memory, resulting in a denial of\n service. (CVE-2011-0534)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1097-1\";\ntag_affected = \"tomcat6 vulnerabilities on Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1097-1/\");\n script_id(840622);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1097-1\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-0534\");\n script_name(\"Ubuntu Update for tomcat6 vulnerabilities USN-1097-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.20-2ubuntu2.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.28-2ubuntu1.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.24-2ubuntu1.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:05", "description": "The host is running Apache Tomcat Server and is prone to multiple\n security bypass vulnerabilities.", "cvss3": {}, "published": "2012-11-27T00:00:00", "type": "openvas", "title": "Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5887", "CVE-2012-5886", "CVE-2012-5885"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310802678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802678\");\n script_version(\"2019-05-10T11:41:35+0000\");\n script_cve_id(\"CVE-2012-5887\", \"CVE-2012-5886\", \"CVE-2012-5885\");\n script_bugtraq_id(56403);\n script_tag(name:\"last_modification\", value:\"2019-05-10 11:41:35 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-11-27 16:27:51 +0530 (Tue, 27 Nov 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51138/\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.36\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.30\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1377807\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1380829\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=revision&revision=1392248\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to bypass intended\n access restrictions by sniffing the network for valid requests.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat version 5.5.x to 5.5.35, 6.x to 6.0.35 and 7.x to 7.0.29.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to error in HTTP digest access authentication\n implementation, which does not properly validate for,\n\n - stale nonce values in conjunction with enforcement of proper credentials\n\n - caches information about the authenticated user within the session state\n\n - cnonce values instead of nonce and nc values.\");\n\n script_tag(name:\"summary\", value:\"The host is running Apache Tomcat Server and is prone to multiple\n security bypass vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Apply patch or upgrade Apache Tomcat to 5.5.36, 6.0.36, 7.0.30 or later.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif( version_in_range( version:vers, test_version:\"5.5.0\", test_version2:\"5.5.35\" ) ||\n version_in_range( version:vers, test_version:\"6.0.0\", test_version2:\"6.0.35\" ) ||\n version_in_range( version:vers, test_version:\"7.0.0\", test_version2:\"7.0.29\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.5.36/6.0.36/7.0.30\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T19:00:42", "description": "Oracle Linux Local Security Checks ELSA-2011-0791", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0791", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4172", "CVE-2011-0013", "CVE-2010-3718"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310122163", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122163", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122163\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:06 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0791\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0791 - tomcat6 security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0791\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0791.html\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2010-4172\", \"CVE-2011-0013\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~33.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-06T13:07:27", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat6 RHSA-2011:0791-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4172", "CVE-2011-0013", "CVE-2010-3718"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:870626", "href": "http://plugins.openvas.org/nasl.php?oid=870626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat6 RHSA-2011:0791-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n It was found that web applications could modify the location of the Tomcat\n host's work directory. As web applications deployed on Tomcat have read and\n write access to this directory, a malicious web application could use this\n flaw to trick Tomcat into giving it read and write access to an arbitrary\n directory on the file system. (CVE-2010-3718)\n\n A cross-site scripting (XSS) flaw was found in the Manager application,\n used for managing web applications on Tomcat. If a remote attacker could\n trick a user who is logged into the Manager application into visiting a\n specially-crafted URL, the attacker could perform Manager application tasks\n with the privileges of the logged in user. (CVE-2010-4172)\n\n A second cross-site scripting (XSS) flaw was found in the Manager\n application. A malicious web application could use this flaw to conduct an\n XSS attack, leading to arbitrary web script execution with the privileges\n of victims who are logged into and viewing Manager application web pages.\n (CVE-2011-0013)\n\n This update also fixes the following bugs:\n\n * A bug in the &quot;tomcat6&quot; init script prevented additional Tomcat instances\n from starting. As well, running &quot;service tomcat6 start&quot; caused\n configuration options applied from &quot;/etc/sysconfig/tomcat6&quot; to be\n overwritten with those from &quot;/etc/tomcat6/tomcat6.conf&quot;. With this update,\n multiple instances of Tomcat run as expected. (BZ#636997)\n\n * The &quot;/usr/share/java/&quot; directory was missing a symbolic link to the\n &quot;/usr/share/tomcat6/bin/tomcat-juli.jar&quot; library. Because this library was\n mandatory for certain operations (such as running the Jasper JSP\n precompiler), the &quot;build-jar-repository&quot; command was unable to compose a\n valid classpath. With this update, the missing symbolic link has been\n added. (BZ#661244)\n\n * Previously, the &quot;tomcat6&quot; init script failed to start Tomcat with a &quot;This\n account is currently not available.&quot; message when Tomcat was configured to\n run under a user that did not have a valid shell configured as a login\n shell. This update modifies the init script to work correctly regardless of\n the daemon user's login shell. Additionally, these new tomcat6 packages now\n set &quot;/sbin/nologin&quot; as the login shell for the &quot;tomcat&quot; user upon\n installation, as recommended by deployment best practices. (BZ#678671 ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"tomcat6 on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00026.html\");\n script_id(870626);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:35:19 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2010-3718\", \"CVE-2010-4172\", \"CVE-2011-0013\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2011:0791-01\");\n script_name(\"RedHat Update for tomcat6 RHSA-2011:0791-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~33.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el-2.1-api\", rpm:\"tomcat6-el-2.1-api~6.0.24~33.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1-api\", rpm:\"tomcat6-jsp-2.1-api~6.0.24~33.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~33.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5-api\", rpm:\"tomcat6-servlet-2.5-api~6.0.24~33.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2023-05-19T14:26:37", "description": "Two security issues have been found in the Tomcat servlet and JSP engine :\n\n - CVE-2012-3544 The input filter for chunked transfer encodings could trigger high resource consumption through malformed CRLF sequences, resulting in denial of service.\n\n - CVE-2013-2067 The FormAuthenticator module was vulnerable to session fixation.", "cvss3": {}, "published": "2013-07-19T00:00:00", "type": "nessus", "title": "Debian DSA-2725-1 : tomcat6 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3544", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887", "CVE-2013-2067"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tomcat6", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2725.NASL", "href": "https://www.tenable.com/plugins/nessus/68971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2725. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68971);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-3544\", \"CVE-2013-2067\");\n script_bugtraq_id(59797, 59799);\n script_xref(name:\"DSA\", value:\"2725\");\n\n script_name(english:\"Debian DSA-2725-1 : tomcat6 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security issues have been found in the Tomcat servlet and JSP\nengine :\n\n - CVE-2012-3544\n The input filter for chunked transfer encodings could\n trigger high resource consumption through malformed CRLF\n sequences, resulting in denial of service.\n\n - CVE-2013-2067\n The FormAuthenticator module was vulnerable to session\n fixation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-3544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-3546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-4431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-4534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/tomcat6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tomcat6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2725\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat6 packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 6.0.35-1+squeeze3. This update also provides fixes\nfor CVE-2012-2733, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534,\nCVE-2012-5885, CVE-2012-5886 and CVE-2012-5887, which were all fixed\nfor stable already.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 6.0.35-6+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libservlet2.5-java\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libservlet2.5-java-doc\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtomcat6-java\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-admin\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-common\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-docs\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-examples\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-user\", reference:\"6.0.35-1+squeeze3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.4-java\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.5-java\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.5-java-doc\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtomcat6-java\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-admin\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-common\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-docs\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-examples\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-extras\", reference:\"6.0.35-6+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-user\", reference:\"6.0.35-6+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:38", "description": "The remote host is affected by the vulnerability described in GLSA-201412-29 (Apache Tomcat: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Tomcat. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to cause a Denial of Service condition as well as obtain sensitive information, bypass protection mechanisms and authentication restrictions.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-29 : Apache Tomcat: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3544", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887", "CVE-2013-2067", "CVE-2013-2071", "CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4590", "CVE-2014-0033", "CVE-2014-0050", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:tomcat", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-29.NASL", "href": "https://www.tenable.com/plugins/nessus/79982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-29.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79982);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-3544\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\", \"CVE-2013-2067\", \"CVE-2013-2071\", \"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0033\", \"CVE-2014-0050\", \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\");\n script_bugtraq_id(56402, 56403, 56812, 56813, 56814, 59797, 59798, 59799, 65400, 65767, 65768, 65769, 65773, 67667, 67668, 67669, 67671);\n script_xref(name:\"GLSA\", value:\"201412-29\");\n\n script_name(english:\"GLSA-201412-29 : Apache Tomcat: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-29\n(Apache Tomcat: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Tomcat. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause a Denial of Service condition as\n well as obtain sensitive information, bypass protection mechanisms and\n authentication restrictions.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Tomcat 6.0.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.41'\n All Tomcat 7.0.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-7.0.56'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/tomcat\", unaffected:make_list(\"ge 7.0.56\", \"rge 6.0.41\", \"rge 6.0.42\", \"rge 6.0.43\", \"rge 6.0.44\", \"rge 6.0.45\", \"rge 6.0.46\", \"rge 6.0.47\", \"rge 6.0.48\"), vulnerable:make_list(\"lt 7.0.56\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache Tomcat\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:53", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - java/org/apache/coyote/http11/InternalNioInputBuffer.jav a in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data. (CVE-2012-2733)\n\n - org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI. (CVE-2012-3546)\n\n - org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. (CVE-2012-4431)\n\n - org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response. (CVE-2012-4534)\n\n - The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. (CVE-2012-5885)\n\n - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. (CVE-2012-5886)\n\n - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests. (CVE-2012-5887)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_apache_tomcat3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:tomcat"], "id": "SOLARIS11_TOMCAT_20140401.NASL", "href": "https://www.tenable.com/plugins/nessus/80791", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80791);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_apache_tomcat3)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - java/org/apache/coyote/http11/InternalNioInputBuffer.jav\n a in the HTTP NIO connector in Apache Tomcat 6.x before\n 6.0.36 and 7.x before 7.0.28 does not properly restrict\n the request-header size, which allows remote attackers\n to cause a denial of service (memory consumption) via a\n large amount of header data. (CVE-2012-2733)\n\n - org/apache/catalina/realm/RealmBase.java in Apache\n Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when\n FORM authentication is used, allows remote attackers to\n bypass security-constraint checks by leveraging a\n previous setUserPrincipal call and then placing\n /j_security_check at the end of a URI. (CVE-2012-3546)\n\n - org/apache/catalina/filters/CsrfPreventionFilter.java in\n Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32\n allows remote attackers to bypass the cross-site request\n forgery (CSRF) protection mechanism via a request that\n lacks a session identifier. (CVE-2012-4431)\n\n - org/apache/tomcat/util/net/NioEndpoint.java in Apache\n Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the\n NIO connector is used in conjunction with sendfile and\n HTTPS, allows remote attackers to cause a denial of\n service (infinite loop) by terminating the connection\n during the reading of a response. (CVE-2012-4534)\n\n - The replay-countermeasure functionality in the HTTP\n Digest Access Authentication implementation in Apache\n Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x\n before 7.0.30 tracks cnonce (aka client nonce) values\n instead of nonce (aka server nonce) and nc (aka\n nonce-count) values, which makes it easier for remote\n attackers to bypass intended access restrictions by\n sniffing the network for valid requests, a different\n vulnerability than CVE-2011-1184. (CVE-2012-5885)\n\n - The HTTP Digest Access Authentication implementation in\n Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36,\n and 7.x before 7.0.30 caches information about the\n authenticated user within the session state, which makes\n it easier for remote attackers to bypass authentication\n via vectors related to the session ID. (CVE-2012-5886)\n\n - The HTTP Digest Access Authentication implementation in\n Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36,\n and 7.x before 7.0.30 does not properly check for stale\n nonce values in conjunction with enforcement of proper\n credentials, which makes it easier for remote attackers\n to bypass intended access restrictions by sniffing the\n network for valid requests. (CVE-2012-5887)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-apache-tomcat\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce09309a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.4.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:tomcat\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^tomcat$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.4.0.5.0\", sru:\"SRU 4.5\") > 0) flag++;\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n error_extra = 'Affected package : tomcat\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"tomcat\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:33", "description": "Versions earlier than Apache Tomcat 6.0.36 are potentially affected by multiple vulnerabilities :\n\n - A flaw exists within the parseHeaders() function that could allow for a crafted header to cause a remote denial of service. (CVE-2012-2733)\n\n - An error exists related to FORM authentication that can allow security bypass if 'j_security_check' is appended to the request. (CVE-2012-3546)\n\n - An error exists in the file 'filters/CsrfPreventionFilter.java' that can allow cross-site request forgery (CSRF) attacks to bypass the filtering. This can allow access to protected resources without a session identifier. (CVE-2012-4431)\n\n - An error exists related to the 'NIO' connector when HTTPS and 'sendfile' are enabled that can force the application into an infinite loop. (CVE-2012-4534)\n\n - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead of nonce values, which makes it easier for attackers to bypass access restrictions by sniffing the network for valid requests. (CVE-2012-5885)\n\n - HTTP Digest Access Authentication implementation caches information about the authenticated user, which could potentially allow an attacker to bypass authentication via session ID. (CVE-2012-5886)\n\n - HTTP Digest Access Authentication implementation does not properly check for stale nonce values with enforcement of proper credentials, which allows an attacker to bypass restrictions by sniffing requests. (CVE-2012-5887)", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "nessus", "title": "Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2012-11-26T00:00:00", "cpe": [], "id": "800612.PRM", "href": "https://www.tenable.com/plugins/lce/800612", "sourceData": "Binary data 800612.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:35", "description": "According to its self-reported version number, the instance of Apache Tomcat 6.0 listening on the remote host is prior to Tomcat 6.0.36. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists within the parseHeaders() function that allows for a crafted header to cause a remote denial of service. (CVE-2012-2733)\n\n - An error exists related to FORM authentication that allows a security bypass if 'j_security_check' is appended to the request. (CVE-2012-3546)\n\n - An error exists in the file 'filters/CsrfPreventionFilter.java' that allows cross-site request forgery (XSRF) attacks to bypass the filtering. This can allow access to protected resources without a session identifier. (CVE-2012-4431)\n\n - An error exists related to the 'NIO' connector when HTTPS and 'sendfile' are enabled that can force the application into an infinite loop. (CVE-2012-4534)\n\n - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead of nonce values, which makes it easier for attackers to bypass access restrictions by sniffing the network for valid requests. (CVE-2012-5885)\n\n - The HTTP Digest Access Authentication implementation caches information about the authenticated user, which allows an attacker to bypass authentication via session ID. (CVE-2012-5886)\n\n - The HTTP Digest Access Authentication implementation does not properly check for stale nonce values with enforcement of proper credentials, which allows an attacker to bypass restrictions by sniffing requests. (CVE-2012-5887)\n\nNote that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "nessus", "title": "Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "6657.PASL", "href": "https://www.tenable.com/plugins/nnm/6657", "sourceData": "Binary data 6657.pasl", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:30:33", "description": "- Updated to 7.0.33\n\n - Resolves: rhbz 873620 need chkconfig for update-alternatives\n\n - Resolves: rhbz 883676,883691,883704,873707 fix several security issues\n\n - Resolves: rhbz 883806 refix logdir ownership\n\n - Resolves: rhbz 820119 Remove bundled apache-commons-dbcp\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-12-20T00:00:00", "type": "nessus", "title": "Fedora 16 : tomcat-7.0.33-1.fc16 (2012-20151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-20151.NASL", "href": "https://www.tenable.com/plugins/nessus/63309", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-20151.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63309);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56402, 56403, 56812, 56813, 56814);\n script_xref(name:\"FEDORA\", value:\"2012-20151\");\n\n script_name(english:\"Fedora 16 : tomcat-7.0.33-1.fc16 (2012-20151)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Updated to 7.0.33\n\n - Resolves: rhbz 873620 need chkconfig for\n update-alternatives\n\n - Resolves: rhbz 883676,883691,883704,873707 fix several\n security issues\n\n - Resolves: rhbz 883806 refix logdir ownership\n\n - Resolves: rhbz 820119 Remove bundled\n apache-commons-dbcp\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=873664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=873695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=883634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=883636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=883637\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0bbf6a2f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"tomcat-7.0.33-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:46", "description": "According to its self-reported version number, the instance of Apache Tomcat 6.0 listening on the remote host is prior to Tomcat 6.0.36. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists within the parseHeaders() function that allows for a crafted header to cause a remote denial of service. (CVE-2012-2733)\n\n - An error exists related to FORM authentication that allows a security bypass if 'j_security_check' is appended to the request. (CVE-2012-3546)\n\n - An error exists in the file 'filters/CsrfPreventionFilter.java' that allows cross-site request forgery (XSRF) attacks to bypass the filtering. This can allow access to protected resources without a session identifier. (CVE-2012-4431)\n\n - An error exists related to the 'NIO' connector when HTTPS and 'sendfile' are enabled that can force the application into an infinite loop. (CVE-2012-4534)\n\n - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead of nonce values, which makes it easier for attackers to bypass access restrictions by sniffing the network for valid requests. (CVE-2012-5885)\n\n - The HTTP Digest Access Authentication implementation caches information about the authenticated user, which allows an attacker to bypass authentication via session ID. (CVE-2012-5886)\n\n - The HTTP Digest Access Authentication implementation does not properly check for stale nonce values with enforcement of proper credentials, which allows an attacker to bypass restrictions by sniffing requests.\n (CVE-2012-5887)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2012-11-21T00:00:00", "type": "nessus", "title": "Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_6_0_36.NASL", "href": "https://www.tenable.com/plugins/nessus/62987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62987);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2012-2733\",\n \"CVE-2012-3546\",\n \"CVE-2012-4431\",\n \"CVE-2012-4534\",\n \"CVE-2012-5885\",\n \"CVE-2012-5886\",\n \"CVE-2012-5887\"\n );\n script_bugtraq_id(\n 56402,\n 56403,\n 56812,\n 56813,\n 56814\n );\n\n script_name(english:\"Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of Apache\nTomcat 6.0 listening on the remote host is prior to Tomcat 6.0.36. It\nis, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists within the parseHeaders() function that\n allows for a crafted header to cause a remote denial of\n service. (CVE-2012-2733)\n\n - An error exists related to FORM authentication that\n allows a security bypass if 'j_security_check' is\n appended to the request. (CVE-2012-3546)\n\n - An error exists in the file\n 'filters/CsrfPreventionFilter.java' that allows\n cross-site request forgery (XSRF) attacks to bypass\n the filtering. This can allow access to protected\n resources without a session identifier. (CVE-2012-4431)\n\n - An error exists related to the 'NIO' connector when\n HTTPS and 'sendfile' are enabled that can force the\n application into an infinite loop. (CVE-2012-4534)\n\n - Replay-countermeasure functionality in HTTP Digest\n Access Authentication tracks cnonce values instead of\n nonce values, which makes it easier for attackers to\n bypass access restrictions by sniffing the network for\n valid requests. (CVE-2012-5885)\n\n - The HTTP Digest Access Authentication implementation\n caches information about the authenticated user, which\n allows an attacker to bypass authentication via session\n ID. (CVE-2012-5886)\n\n - The HTTP Digest Access Authentication implementation\n does not properly check for stale nonce values with\n enforcement of proper credentials, which allows an\n attacker to bypass restrictions by sniffing requests.\n (CVE-2012-5887)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Dec/72\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Dec/73\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Dec/74\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 6.0.36 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5887\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"6.0.36\", min:\"6.0.0\", severity:SECURITY_WARNING, xsrf:TRUE, granularity_regex:\"^6(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:10:48", "description": "Updated tomcat packages fix security vulnerabilities :\n\nApache Tomcat 7.x before 7.0.47, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a Transfer-Encoding: chunked header (CVE-2013-4286).\n\nApache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322).\n\nApache Tomcat 7.x before 7.0.50 allows attackers to obtain Tomcat internals information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2013-4590).\n\nInteger overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data (CVE-2014-0075).\n\njava/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2014-0096).\n\nInteger overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header (CVE-2014-0099).\n\nApache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or read files associated with different web applications on a single Tomcat instance via a crafted web application (CVE-2014-0119).\n\nIn Apache Tomcat 7.x before 7.0.55, it was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request (CVE-2014-0227).", "cvss3": {}, "published": "2015-03-19T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat (MDVSA-2015:052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4590", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat", "p-cpe:/a:mandriva:linux:tomcat-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat-docs-webapp", "p-cpe:/a:mandriva:linux:tomcat-el-2.2-api", "p-cpe:/a:mandriva:linux:tomcat-javadoc", "p-cpe:/a:mandriva:linux:tomcat-jsp-2.2-api", "p-cpe:/a:mandriva:linux:tomcat-jsvc", "p-cpe:/a:mandriva:linux:tomcat-lib", "p-cpe:/a:mandriva:linux:tomcat-log4j", "p-cpe:/a:mandriva:linux:tomcat-servlet-3.0-api", "p-cpe:/a:mandriva:linux:tomcat-webapps", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2015-052.NASL", "href": "https://www.tenable.com/plugins/nessus/81935", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:052. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81935);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\", \"CVE-2014-0227\");\n script_bugtraq_id(65767, 65768, 65773, 67667, 67668, 67669, 67671, 72717);\n script_xref(name:\"MDVSA\", value:\"2015:052\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat (MDVSA-2015:052)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages fix security vulnerabilities :\n\nApache Tomcat 7.x before 7.0.47, when an HTTP connector or AJP\nconnector is used, does not properly handle certain inconsistent HTTP\nrequest headers, which allows remote attackers to trigger incorrect\nidentification of a request's length and conduct request-smuggling\nattacks via (1) multiple Content-Length headers or (2) a\nContent-Length header and a Transfer-Encoding: chunked header\n(CVE-2013-4286).\n\nApache Tomcat 7.x before 7.0.50 processes chunked transfer coding\nwithout properly handling (1) a large total amount of chunked data or\n(2) whitespace characters in an HTTP header value within a trailer\nfield, which allows remote attackers to cause a denial of service by\nstreaming data (CVE-2013-4322).\n\nApache Tomcat 7.x before 7.0.50 allows attackers to obtain Tomcat\ninternals information by leveraging the presence of an untrusted web\napplication with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML\ndocument containing an external entity declaration in conjunction with\nan entity reference, related to an XML External Entity (XXE) issue\n(CVE-2013-4590).\n\nInteger overflow in the parseChunkHeader function in\njava/org/apache/coyote/http11/filters/ChunkedInputFilter.java in\nApache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote\nattackers to cause a denial of service (resource consumption) via a\nmalformed chunk size in chunked transfer coding of a request during\nthe streaming of data (CVE-2014-0075).\n\njava/org/apache/catalina/servlets/DefaultServlet.java in the default\nservlet in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not\nproperly restrict XSLT stylesheets, which allows remote attackers to\nbypass security-manager restrictions and read arbitrary files via a\ncrafted web application that provides an XML external entity\ndeclaration in conjunction with an entity reference, related to an XML\nExternal Entity (XXE) issue (CVE-2014-0096).\n\nInteger overflow in java/org/apache/tomcat/util/buf/Ascii.java in\nApache Tomcat before 6.0.40 and 7.x before 7.0.53, when operated\nbehind a reverse proxy, allows remote attackers to conduct HTTP\nrequest smuggling attacks via a crafted Content-Length HTTP header\n(CVE-2014-0099).\n\nApache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly\nconstrain the class loader that accesses the XML parser used with an\nXSLT stylesheet, which allows remote attackers to read arbitrary files\nvia a crafted web application that provides an XML external entity\ndeclaration in conjunction with an entity reference, related to an XML\nExternal Entity (XXE) issue, or read files associated with different\nweb applications on a single Tomcat instance via a crafted web\napplication (CVE-2014-0119).\n\nIn Apache Tomcat 7.x before 7.0.55, it was possible to craft a\nmalformed chunk as part of a chunked request that caused Tomcat to\nread part of the request body as a new request (CVE-2014-0227).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0148.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0268.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0081.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-admin-webapps-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-docs-webapp-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-el-2.2-api-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-javadoc-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-jsp-2.2-api-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-jsvc-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-lib-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-log4j-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-servlet-3.0-api-7.0.59-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"tomcat-webapps-7.0.59-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-02T14:14:52", "description": "Updated tomcat5 packages that fix multiple security issues and two bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nJBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime (APR) support for Tomcat. References in this text to APR refer to the Tomcat Native implementation, not any other apr package.\n\nThis update includes bug fixes as documented in JBPAPP-4873 and JBPAPP-6133. It also resolves the following security issues :\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190)\n\nIt was found that the Java hashCode() method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time by sending an HTTP request with a large number of parameters whose names map to the same hash value. This update introduces a limit on the number of parameters processed per request to mitigate this issue.\nThe default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2011-4858)\n\nIt was found that Tomcat did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make Tomcat use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values.\nThis update introduces limits on the number of parameters and headers processed per request to address this issue. Refer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP NIO connector is used by default in JBoss Enterprise Web Server. (CVE-2011-2526)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4858, and the Apache Tomcat project for reporting CVE-2011-2526. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4858.\n\nUsers of Tomcat should upgrade to these updated packages, which resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0680)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-eclipse", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-parent", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-0680.NASL", "href": "https://www.tenable.com/plugins/nessus/78924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0680. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78924);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_bugtraq_id(48456, 48667, 49353, 49762, 51200, 51447);\n script_xref(name:\"RHSA\", value:\"2012:0680\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0680)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat5 packages that fix multiple security issues and two\nbugs are now available for JBoss Enterprise Web Server 1.0.2 for Red\nHat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nJBoss Enterprise Web Server includes the Tomcat Native library,\nproviding Apache Portable Runtime (APR) support for Tomcat. References\nin this text to APR refer to the Tomcat Native implementation, not any\nother apr package.\n\nThis update includes bug fixes as documented in JBPAPP-4873 and\nJBPAPP-6133. It also resolves the following security issues :\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184, CVE-2011-5062,\nCVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way the Coyote\n(org.apache.coyote.ajp.AjpProcessor) and APR\n(org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ\nProtocol) connectors processed certain POST requests. An attacker\ncould send a specially crafted request that would cause the connector\nto treat the message body as a new request. This allows arbitrary AJP\nmessages to be injected, possibly allowing an attacker to bypass a web\napplication's authentication checks and gain access to information\nthey would otherwise be unable to access. The JK\n(org.apache.jk.server.JkCoyoteHandler) connector is used by default\nwhen the APR libraries are not present. The JK connector is not\naffected by this flaw. (CVE-2011-3190)\n\nIt was found that the Java hashCode() method implementation was\nsusceptible to predictable hash collisions. A remote attacker could\nuse this flaw to cause Tomcat to use an excessive amount of CPU time\nby sending an HTTP request with a large number of parameters whose\nnames map to the same hash value. This update introduces a limit on\nthe number of parameters processed per request to mitigate this issue.\nThe default limit is 512 for parameters and 128 for headers. These\ndefaults can be changed by setting the\norg.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2011-4858)\n\nIt was found that Tomcat did not handle large numbers of parameters\nand large parameter values efficiently. A remote attacker could make\nTomcat use an excessive amount of CPU time by sending an HTTP request\ncontaining a large number of parameters or large parameter values.\nThis update introduces limits on the number of parameters and headers\nprocessed per request to address this issue. Refer to the\nCVE-2011-4858 description for information about the\norg.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes\nwhen using the HTTP APR or NIO (Non-Blocking I/O) connector. A\nmalicious web application running on a Tomcat instance could use this\nflaw to bypass security manager restrictions and gain access to files\nit would otherwise be unable to access, or possibly terminate the Java\nVirtual Machine (JVM). The HTTP NIO connector is used by default in\nJBoss Enterprise Web Server. (CVE-2011-2526)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4858, and the\nApache Tomcat project for reporting CVE-2011-2526. oCERT acknowledges\nJulian Walde and Alexander Klink as the original reporters of\nCVE-2011-4858.\n\nUsers of Tomcat should upgrade to these updated packages, which\nresolve these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n # https://issues.jboss.org/browse/JBPAPP-4873\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://issues.jboss.org/browse/JBPAPP-4873?_sscc=t\"\n );\n # https://issues.jboss.org/browse/JBPAPP-6133\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://issues.jboss.org/browse/JBPAPP-6133?_sscc=t\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0022\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0680\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-admin-webapps-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-common-lib-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-jasper-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-jasper-eclipse-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-jasper-javadoc-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-jsp-2.0-api-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-parent-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-server-lib-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-servlet-2.4-api-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.33-27_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat5-webapps-5.5.33-27_patch_07.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-admin-webapps-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-common-lib-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-jasper-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-jasper-eclipse-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-jasper-javadoc-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-jsp-2.0-api-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-parent-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-server-lib-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-servlet-2.4-api-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.33-28_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat5-webapps-5.5.33-28_patch_07.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:27", "description": "Updated tomcat6 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP NIO connector is used by default in JBoss Enterprise Web Server. The Apache Portable Runtime (APR) connector from the Tomcat Native library was not affected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector enforced limits on the permitted size of request headers. A remote attacker could use this flaw to trigger an OutOfMemoryError by sending a specially crafted request with very large headers. The HTTP NIO connector is used by default in JBoss Enterprise Web Server. The APR connector from the Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise Web Server installation (including all applications and configuration files).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0266)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0266.NASL", "href": "https://www.tenable.com/plugins/nessus/76234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0266. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76234);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56402, 56403, 56813, 56814);\n script_xref(name:\"RHSA\", value:\"2013:0266\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0266)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix multiple security issues are now\navailable for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise\nLinux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP NIO connector is used by default in JBoss Enterprise\nWeb Server. The Apache Portable Runtime (APR) connector from the\nTomcat Native library was not affected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO\nconnector enforced limits on the permitted size of request headers. A\nremote attacker could use this flaw to trigger an OutOfMemoryError by\nsending a specially crafted request with very large headers. The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The\nAPR connector from the Tomcat Native library was not affected by this\nflaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss\nEnterprise Web Server installation (including all applications and\nconfiguration files).\n\nUsers of Tomcat should upgrade to these updated packages, which\nresolve these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0266\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5887\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0266\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-admin-webapps-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-docs-webapp-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-el-1.0-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-javadoc-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-jsp-2.1-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-lib-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-log4j-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-servlet-2.5-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-webapps-6.0.35-6_patch_06.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-1.0-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.35-29_patch_06.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:10:47", "description": "Updated jbossweb packages that fix multiple security issues are now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nA flaw was found in the way JBoss Web handled UTF-8 surrogate pair characters. If JBoss Web was hosting an application with UTF-8 character encoding enabled, or that included user-supplied UTF-8 strings in a response, a remote attacker could use this flaw to cause a denial of service (infinite loop) on the JBoss Web server.\n(CVE-2011-4610)\n\nIt was found that the Java hashCode() method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause JBoss Web to use an excessive amount of CPU time by sending an HTTP request with a large number of parameters whose names map to the same hash value. This update introduces a limit on the number of parameters and headers processed per request to mitigate this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in 'jboss-as/server/[PROFILE]/deploy/properties-service.xml'.\n(CVE-2011-4858)\n\nIt was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make a JBoss Web server use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue.\nRefer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nMultiple flaws were found in the way JBoss Web handled HTTP DIGEST authentication. These flaws weakened the JBoss Web HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way JBoss Web handled sendfile request attributes when using the HTTP APR (Apache Portable Runtime) or NIO (Non-Blocking I/O) connector. A malicious web application running on a JBoss Web instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM).\n(CVE-2011-2526)\n\nRed Hat would like to thank NTT OSSC for reporting CVE-2011-4610;\noCERT for reporting CVE-2011-4858; and the Apache Tomcat project for reporting CVE-2011-2526. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4858.\n\nWarning: Before applying this update, back up your JBoss Enterprise Application Platform's 'jboss-as/server/[PROFILE]/deploy/' directory, along with all other customized configuration files.\n\nUsers of JBoss Enterprise Application Platform 5.1.2 on Red Hat Enterprise Linux 4, 5, and 6 should upgrade to these updated packages, which correct these issues. The JBoss server process must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : jbossweb (RHSA-2012:0074)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2526", "CVE-2011-4610", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossweb-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:jbossweb-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:jbossweb-lib", "p-cpe:/a:redhat:enterprise_linux:jbossweb-servlet-2.5-api", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-0074.NASL", "href": "https://www.tenable.com/plugins/nessus/64022", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0074. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64022);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2526\", \"CVE-2011-4610\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_xref(name:\"RHSA\", value:\"2012:0074\");\n\n script_name(english:\"RHEL 5 / 6 : jbossweb (RHSA-2012:0074)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jbossweb packages that fix multiple security issues are now\navailable for JBoss Enterprise Application Platform 5.1.2 for Red Hat\nEnterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss\nEnterprise Application Platform. It provides a single deployment\nplatform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nA flaw was found in the way JBoss Web handled UTF-8 surrogate pair\ncharacters. If JBoss Web was hosting an application with UTF-8\ncharacter encoding enabled, or that included user-supplied UTF-8\nstrings in a response, a remote attacker could use this flaw to cause\na denial of service (infinite loop) on the JBoss Web server.\n(CVE-2011-4610)\n\nIt was found that the Java hashCode() method implementation was\nsusceptible to predictable hash collisions. A remote attacker could\nuse this flaw to cause JBoss Web to use an excessive amount of CPU\ntime by sending an HTTP request with a large number of parameters\nwhose names map to the same hash value. This update introduces a limit\non the number of parameters and headers processed per request to\nmitigate this issue. The default limit is 512 for parameters and 128\nfor headers. These defaults can be changed by setting the\norg.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in\n'jboss-as/server/[PROFILE]/deploy/properties-service.xml'.\n(CVE-2011-4858)\n\nIt was found that JBoss Web did not handle large numbers of parameters\nand large parameter values efficiently. A remote attacker could make a\nJBoss Web server use an excessive amount of CPU time by sending an\nHTTP request containing a large number of parameters or large\nparameter values. This update introduces limits on the number of\nparameters and headers processed per request to address this issue.\nRefer to the CVE-2011-4858 description for information about the\norg.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nMultiple flaws were found in the way JBoss Web handled HTTP DIGEST\nauthentication. These flaws weakened the JBoss Web HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184, CVE-2011-5062,\nCVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way JBoss Web handled sendfile request\nattributes when using the HTTP APR (Apache Portable Runtime) or NIO\n(Non-Blocking I/O) connector. A malicious web application running on a\nJBoss Web instance could use this flaw to bypass security manager\nrestrictions and gain access to files it would otherwise be unable to\naccess, or possibly terminate the Java Virtual Machine (JVM).\n(CVE-2011-2526)\n\nRed Hat would like to thank NTT OSSC for reporting CVE-2011-4610;\noCERT for reporting CVE-2011-4858; and the Apache Tomcat project for\nreporting CVE-2011-2526. oCERT acknowledges Julian Walde and\nAlexander Klink as the original reporters of CVE-2011-4858.\n\nWarning: Before applying this update, back up your JBoss Enterprise\nApplication Platform's 'jboss-as/server/[PROFILE]/deploy/' directory,\nalong with all other customized configuration files.\n\nUsers of JBoss Enterprise Application Platform 5.1.2 on Red Hat\nEnterprise Linux 4, 5, and 6 should upgrade to these updated packages,\nwhich correct these issues. The JBoss server process must be restarted\nfor this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4610\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0074\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.1.12-3_patch_03.2.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-el-1.0-api-2.1.12-3_patch_03.2.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-jsp-2.1-api-2.1.12-3_patch_03.2.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-lib-2.1.12-3_patch_03.2.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-servlet-2.5-api-2.1.12-3_patch_03.2.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-2.1.12-3_patch_03.2.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-el-1.0-api-2.1.12-3_patch_03.2.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-jsp-2.1-api-2.1.12-3_patch_03.2.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-lib-2.1.12-3_patch_03.2.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-servlet-2.5-api-2.1.12-3_patch_03.2.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jbossweb / jbossweb-el-1.0-api / jbossweb-jsp-2.1-api / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:04", "description": "This update of tomcat6 fixes the following security issues :\n\n - denial of service. (CVE-2012-4534)\n\n - tomcat: HTTP NIO connector OOM DoS via a request with large headers. (CVE-2012-2733)\n\n - tomcat: cnonce tracking weakness. (CVE-2012-5885)\n\n - tomcat: authentication caching weakness. (CVE-2012-5886)\n\n - tomcat: stale nonce weakness. (CVE-2012-5887)\n\n - tomcat: affected by slowloris DoS. (CVE-2012-5568)\n\n - tomcat: Bypass of security constraints. (CVE-2012-3546)\n\n - tomcat: bypass of CSRF prevention filter.\n (CVE-2012-4431)", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5568", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:tomcat6", "p-cpe:/a:novell:suse_linux:11:tomcat6-admin-webapps", "p-cpe:/a:novell:suse_linux:11:tomcat6-docs-webapp", "p-cpe:/a:novell:suse_linux:11:tomcat6-javadoc", "p-cpe:/a:novell:suse_linux:11:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:suse_linux:11:tomcat6-lib", "p-cpe:/a:novell:suse_linux:11:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:suse_linux:11:tomcat6-webapps", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_TOMCAT6-130107.NASL", "href": "https://www.tenable.com/plugins/nessus/64430", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64430);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5568\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n\n script_name(english:\"SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat6 fixes the following security issues :\n\n - denial of service. (CVE-2012-4534)\n\n - tomcat: HTTP NIO connector OOM DoS via a request with\n large headers. (CVE-2012-2733)\n\n - tomcat: cnonce tracking weakness. (CVE-2012-5885)\n\n - tomcat: authentication caching weakness. (CVE-2012-5886)\n\n - tomcat: stale nonce weakness. (CVE-2012-5887)\n\n - tomcat: affected by slowloris DoS. (CVE-2012-5568)\n\n - tomcat: Bypass of security constraints. (CVE-2012-3546)\n\n - tomcat: bypass of CSRF prevention filter.\n (CVE-2012-4431)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=793391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=793394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2733.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3546.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4431.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4534.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5568.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5885.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5886.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5887.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7208.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-admin-webapps-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-docs-webapp-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-javadoc-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-jsp-2_1-api-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-lib-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-servlet-2_5-api-6.0.18-20.35.40.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"tomcat6-webapps-6.0.18-20.35.40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:18", "description": "Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation.", "cvss3": {}, "published": "2016-03-28T00:00:00", "type": "nessus", "title": "Debian DSA-3530-1 : tomcat6 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4286", "CVE-2013-4322", "CVE-2013-4590", "CVE-2014-0033", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810", "CVE-2015-5174", "CVE-2015-5345", "CVE-2015-5346", "CVE-2015-5351", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0763"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tomcat6", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3530.NASL", "href": "https://www.tenable.com/plugins/nessus/90205", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3530. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90205);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4286\", \"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0033\", \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\", \"CVE-2014-0227\", \"CVE-2014-0230\", \"CVE-2014-7810\", \"CVE-2015-5174\", \"CVE-2015-5345\", \"CVE-2015-5346\", \"CVE-2015-5351\", \"CVE-2016-0706\", \"CVE-2016-0714\", \"CVE-2016-0763\");\n script_xref(name:\"DSA\", value:\"3530\");\n\n script_name(english:\"Debian DSA-3530-1 : tomcat6 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities have been fixed in the Tomcat\nservlet and JSP engine, which may result on bypass of security manager\nrestrictions, information disclosure, denial of service or session\nfixation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tomcat6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3530\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat6 packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 6.0.45+dfsg-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.4-java\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.5-java\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet2.5-java-doc\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtomcat6-java\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-admin\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-common\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-docs\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-examples\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-extras\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat6-user\", reference:\"6.0.45+dfsg-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:20:46", "description": "Updated tomcat6 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was possible to bypass the security constraint checks in the FORM authenticator by appending '/j_security_check' to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-03-13T00:00:00", "type": "nessus", "title": "CentOS 6 : tomcat6 (CESA-2013:0623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3546", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat6", "p-cpe:/a:centos:centos:tomcat6-admin-webapps", "p-cpe:/a:centos:centos:tomcat6-docs-webapp", "p-cpe:/a:centos:centos:tomcat6-el-2.1-api", "p-cpe:/a:centos:centos:tomcat6-javadoc", "p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api", "p-cpe:/a:centos:centos:tomcat6-lib", "p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api", "p-cpe:/a:centos:centos:tomcat6-webapps", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2013-0623.NASL", "href": "https://www.tenable.com/plugins/nessus/65225", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0623 and \n# CentOS Errata and Security Advisory 2013:0623 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65225);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56403, 56812, 56813);\n script_xref(name:\"RHSA\", value:\"2013:0623\");\n\n script_name(english:\"CentOS 6 : tomcat6 (CESA-2013:0623)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along\nwith another component that calls request.setUserPrincipal() before\nthe call to FormAuthenticator#authenticate() (such as the\nSingle-Sign-On valve), it was possible to bypass the security\nconstraint checks in the FORM authenticator by appending\n'/j_security_check' to the end of a URL. A remote attacker with an\nauthenticated session on an affected application could use this flaw\nto circumvent authorization controls, and thereby access resources not\npermitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP blocking IO (BIO) connector, which is not vulnerable\nto this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncorrect these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019640.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e545b75\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-admin-webapps-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-docs-webapp-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-el-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-javadoc-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-lib-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-webapps-6.0.24-52.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:20:58", "description": "It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was possible to bypass the security constraint checks in the FORM authenticator by appending '/j_security_check' to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Scientific Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nTomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-03-13T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20130311)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3546", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:tomcat6", "p-cpe:/a:fermilab:scientific_linux:tomcat6-admin-webapps", "p-cpe:/a:fermilab:scientific_linux:tomcat6-docs-webapp", "p-cpe:/a:fermilab:scientific_linux:tomcat6-el-2.1-api", "p-cpe:/a:fermilab:scientific_linux:tomcat6-javadoc", "p-cpe:/a:fermilab:scientific_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:fermilab:scientific_linux:tomcat6-lib", "p-cpe:/a:fermilab:scientific_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:fermilab:scientific_linux:tomcat6-webapps", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130311_TOMCAT6_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65243", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65243);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n\n script_name(english:\"Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20130311)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that when an application used FORM authentication, along\nwith another component that calls request.setUserPrincipal() before\nthe call to FormAuthenticator#authenticate() (such as the\nSingle-Sign-On valve), it was possible to bypass the security\nconstraint checks in the FORM authenticator by appending\n'/j_security_check' to the end of a URL. A remote attacker with an\nauthenticated session on an affected application could use this flaw\nto circumvent authorization controls, and thereby access resources not\npermitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP blocking IO (BIO) connector, which is not vulnerable\nto this issue, is used by default in Scientific Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nTomcat must be restarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=3589\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84cdcb1a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-admin-webapps-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-docs-webapp-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-el-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-javadoc-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-lib-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-webapps-6.0.24-52.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:36", "description": "From Red Hat Security Advisory 2013:0623 :\n\nUpdated tomcat6 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was possible to bypass the security constraint checks in the FORM authenticator by appending '/j_security_check' to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : tomcat6 (ELSA-2013-0623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3546", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat6", "p-cpe:/a:oracle:linux:tomcat6-admin-webapps", "p-cpe:/a:oracle:linux:tomcat6-docs-webapp", "p-cpe:/a:oracle:linux:tomcat6-el-2.1-api", "p-cpe:/a:oracle:linux:tomcat6-javadoc", "p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api", "p-cpe:/a:oracle:linux:tomcat6-lib", "p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api", "p-cpe:/a:oracle:linux:tomcat6-webapps", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2013-0623.NASL", "href": "https://www.tenable.com/plugins/nessus/68786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0623 and \n# Oracle Linux Security Advisory ELSA-2013-0623 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68786);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56403, 56812, 56813);\n script_xref(name:\"RHSA\", value:\"2013:0623\");\n\n script_name(english:\"Oracle Linux 6 : tomcat6 (ELSA-2013-0623)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0623 :\n\nUpdated tomcat6 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along\nwith another component that calls request.setUserPrincipal() before\nthe call to FormAuthenticator#authenticate() (such as the\nSingle-Sign-On valve), it was possible to bypass the security\nconstraint checks in the FORM authenticator by appending\n'/j_security_check' to the end of a URL. A remote attacker with an\nauthenticated session on an affected application could use this flaw\nto circumvent authorization controls, and thereby access resources not\npermitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP blocking IO (BIO) connector, which is not vulnerable\nto this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncorrect these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003351.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-admin-webapps-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-docs-webapp-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-el-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-javadoc-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-lib-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-52.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-webapps-6.0.24-52.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:20:46", "description": "Updated tomcat6 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was possible to bypass the security constraint checks in the FORM authenticator by appending '/j_security_check' to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "nessus", "title": "RHEL 6 : tomcat6 (RHSA-2013:0623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3546", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.4"], "id": "REDHAT-RHSA-2013-0623.NASL", "href": "https://www.tenable.com/plugins/nessus/65201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0623. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65201);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56403, 56812, 56813);\n script_xref(name:\"RHSA\", value:\"2013:0623\");\n\n script_name(english:\"RHEL 6 : tomcat6 (RHSA-2013:0623)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that when an application used FORM authentication, along\nwith another component that calls request.setUserPrincipal() before\nthe call to FormAuthenticator#authenticate() (such as the\nSingle-Sign-On valve), it was possible to bypass the security\nconstraint checks in the FORM authenticator by appending\n'/j_security_check' to the end of a URL. A remote attacker with an\nauthenticated session on an affected application could use this flaw\nto circumvent authorization controls, and thereby access resources not\npermitted by the roles associated with their authenticated session.\n(CVE-2012-3546)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP blocking IO (BIO) connector, which is not vulnerable\nto this issue, is used by default in Red Hat Enterprise Linux 6.\n(CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncorrect these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5887\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0623\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-2.1-api-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-52.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.24-52.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-02T14:14:31", "description": "Updated tomcat6 packages that fix multiple security issues and three bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nJBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime (APR) support for Tomcat. References in this text to APR refer to the Tomcat Native implementation, not any other apr package.\n\nThis update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs.\nIt also resolves the following security issues :\n\nMultiple flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064)\n\nA flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190)\n\nA flaw in the way Tomcat recycled objects that contain data from user requests (such as IP addresses and HTTP headers) when certain errors occurred. If a user sent a request that caused an error to be logged, Tomcat would return a reply to the next request (which could be sent by a different user) with data from the first user's request, leading to information disclosure. Under certain conditions, a remote attacker could leverage this flaw to hijack sessions. (CVE-2011-3375)\n\nThe Java hashCode() method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time by sending an HTTP request with a large number of parameters whose names map to the same hash value. This update introduces a limit on the number of parameters processed per request to mitigate this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2011-4858)\n\nTomcat did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make Tomcat use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. Refer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nA flaw in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nA flaw in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP NIO connector is used by default in JBoss Enterprise Web Server. (CVE-2011-2526)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4858, and the Apache Tomcat project for reporting CVE-2011-2526. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4858.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0682)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-3375", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-0682.NASL", "href": "https://www.tenable.com/plugins/nessus/78925", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0682. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78925);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_bugtraq_id(48456, 48667, 49353, 49762, 51200, 51442, 51447);\n script_xref(name:\"RHSA\", value:\"2012:0682\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0682)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix multiple security issues and three\nbugs are now available for JBoss Enterprise Web Server 1.0.2 for Red\nHat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nJBoss Enterprise Web Server includes the Tomcat Native library,\nproviding Apache Portable Runtime (APR) support for Tomcat. References\nin this text to APR refer to the Tomcat Native implementation, not any\nother apr package.\n\nThis update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs.\nIt also resolves the following security issues :\n\nMultiple flaws weakened the Tomcat HTTP DIGEST authentication\nimplementation, subjecting it to some of the weaknesses of HTTP BASIC\nauthentication, for example, allowing remote attackers to perform\nsession replay attacks. (CVE-2011-1184, CVE-2011-5062, CVE-2011-5063,\nCVE-2011-5064)\n\nA flaw was found in the way the Coyote\n(org.apache.coyote.ajp.AjpProcessor) and APR\n(org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ\nProtocol) connectors processed certain POST requests. An attacker\ncould send a specially crafted request that would cause the connector\nto treat the message body as a new request. This allows arbitrary AJP\nmessages to be injected, possibly allowing an attacker to bypass a web\napplication's authentication checks and gain access to information\nthey would otherwise be unable to access. The JK\n(org.apache.jk.server.JkCoyoteHandler) connector is used by default\nwhen the APR libraries are not present. The JK connector is not\naffected by this flaw. (CVE-2011-3190)\n\nA flaw in the way Tomcat recycled objects that contain data from user\nrequests (such as IP addresses and HTTP headers) when certain errors\noccurred. If a user sent a request that caused an error to be logged,\nTomcat would return a reply to the next request (which could be sent\nby a different user) with data from the first user's request, leading\nto information disclosure. Under certain conditions, a remote attacker\ncould leverage this flaw to hijack sessions. (CVE-2011-3375)\n\nThe Java hashCode() method implementation was susceptible to\npredictable hash collisions. A remote attacker could use this flaw to\ncause Tomcat to use an excessive amount of CPU time by sending an HTTP\nrequest with a large number of parameters whose names map to the same\nhash value. This update introduces a limit on the number of parameters\nprocessed per request to mitigate this issue. The default limit is 512\nfor parameters and 128 for headers. These defaults can be changed by\nsetting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2011-4858)\n\nTomcat did not handle large numbers of parameters and large parameter\nvalues efficiently. A remote attacker could make Tomcat use an\nexcessive amount of CPU time by sending an HTTP request containing a\nlarge number of parameters or large parameter values. This update\nintroduces limits on the number of parameters and headers processed\nper request to address this issue. Refer to the CVE-2011-4858\ndescription for information about the\norg.apache.tomcat.util.http.Parameters.MAX_COUNT and\norg.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.\n(CVE-2012-0022)\n\nA flaw in the Tomcat MemoryUserDatabase. If a runtime exception\noccurred when creating a new user with a JMX client, that user's\npassword was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nA flaw in the way Tomcat handled sendfile request attributes when\nusing the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious\nweb application running on a Tomcat instance could use this flaw to\nbypass security manager restrictions and gain access to files it would\notherwise be unable to access, or possibly terminate the Java Virtual\nMachine (JVM). The HTTP NIO connector is used by default in JBoss\nEnterprise Web Server. (CVE-2011-2526)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4858, and the\nApache Tomcat project for reporting CVE-2011-2526. oCERT acknowledges\nJulian Walde and Alexander Klink as the original reporters of\nCVE-2011-4858.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n # https://issues.jboss.org/browse/JBPAPP-4873\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://issues.jboss.org/browse/JBPAPP-4873?_sscc=t\"\n );\n # https://issues.jboss.org/browse/JBPAPP-6133\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://issues.jboss.org/browse/JBPAPP-6133?_sscc=t\"\n );\n # https://issues.jboss.org/browse/JBPAPP-6852\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://issues.jboss.org/browse/JBPAPP-6852?_sscc=t\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3375\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0682\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-admin-webapps-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-docs-webapp-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-el-1.0-api-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-javadoc-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-jsp-2.1-api-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-lib-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-log4j-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-servlet-2.5-api-6.0.32-24_patch_07.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-webapps-6.0.32-24_patch_07.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-1.0-api-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.32-24_patch_07.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.32-24_patch_07.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:14:18", "description": "Several vulnerabilities have been found in Tomcat, a servlet and JSP engine :\n\n - CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks.\n\n - CVE-2011-2204 In rare setups passwords were written into a logfile.\n\n - CVE-2011-2526 Missing input sanitising in the HTTP APR or HTTP NIO connectors could lead to denial of service.\n\n - CVE-2011-3190 AJP requests could be spoofed in some setups.\n\n - CVE-2011-3375 Incorrect request caching could lead to information disclosure.\n\n - CVE-2011-4858 CVE-2012-0022 This update adds countermeasures against a collision denial of service vulnerability in the Java hashtable implementation and addresses denial of service potentials when processing large amounts of requests.\n\nAdditional information can be found at", "cvss3": {}, "published": "2012-02-03T00:00:00", "type": "nessus", "title": "Debian DSA-2401-1 : tomcat6 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-3375", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tomcat6", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2401.NASL", "href": "https://www.tenable.com/plugins/nessus/57812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2401. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57812);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_bugtraq_id(48456, 48667, 49353, 49762, 51200, 51442, 51447);\n script_xref(name:\"DSA\", value:\"2401\");\n\n script_name(english:\"Debian DSA-2401-1 : tomcat6 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in Tomcat, a servlet and JSP\nengine :\n\n - CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064\n The HTTP Digest Access Authentication implementation\n performed insufficient countermeasures against replay\n attacks.\n\n - CVE-2011-2204\n In rare setups passwords were written into a logfile.\n\n - CVE-2011-2526\n Missing input sanitising in the HTTP APR or HTTP NIO\n connectors could lead to denial of service.\n\n - CVE-2011-3190\n AJP requests could be spoofed in some setups.\n\n - CVE-2011-3375\n Incorrect request caching could lead to information\n disclosure.\n\n - CVE-2011-4858 CVE-2012-0022\n This update adds countermeasures against a collision\n denial of service vulnerability in the Java hashtable\n implementation and addresses denial of service\n potentials when processing large amounts of requests.\n\nAdditional information can be found at\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/tomcat6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2401\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat6 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 6.0.35-1+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libservlet2.5-java\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libservlet2.5-java-doc\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtomcat6-java\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-admin\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-common\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-docs\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-examples\", reference:\"6.0.35-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"tomcat6-user\", reference:\"6.0.35-1+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:15:49", "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "cvss3": {}, "published": "2016-01-19T00:00:00", "type": "nessus", "title": "Debian DSA-3447-1 : tomcat7 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4444", "CVE-2014-0075", "CVE-2014-0099", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tomcat7", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3447.NASL", "href": "https://www.tenable.com/plugins/nessus/87979", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3447. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87979);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3447\");\n\n script_name(english:\"Debian DSA-3447-1 : tomcat7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tomcat7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3447\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat7 packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\nCVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and\nCVE-2014-0230, which were all fixed for the stable distribution\n(jessie) already.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libservlet3.0-java\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet3.0-java-doc\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtomcat7-java\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-admin\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-common\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-docs\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-examples\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-user\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java-doc\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat7-java\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-admin\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-common\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-docs\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-examples\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-user\", reference:\"7.0.56-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:34", "description": "According to its self-reported version number, the instance of Apache Tomcat 7.0 listening on the remote host is prior to 7.0.30. It is, therefore, affected by the following vulnerabilities :\n\n - An error related to chunked transfer encoding and extensions allows limited denial of service attacks. (CVE-2012-3544)\n\n - An error exists related to FORM authentication that allows security bypass if 'j_security_check' is appended to the request. (CVE-2012-3546)\n\n - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead of nonce values, which makes it easier for attackers to bypass access restrictions by sniffing the network for valid requests. (CVE-2012-5885)\n\n - HTTP Digest Access Authentication implementation caches information about the authenticated user, which allows an attacker to bypass authentication via session ID. (CVE-2012-5886)\n\n - HTTP Digest Access Authentication implementation does not properly check for stale nonce values with enforcement of proper credentials, which allows an attacker to bypass restrictions by sniffing requests. (CVE-2012-5887)\n\nNote that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.x < 7.0.30 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2012-3546", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "6624.PASL", "href": "https://www.tenable.com/plugins/nnm/6624", "sourceData": "Binary data 6624.pasl", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:45", "description": "According to its self-reported version number, the instance of Apache Tomcat 7.0 listening on the remote host is prior to 7.0.30. It is, therefore, affected by the following vulnerabilities :\n\n - An error related to chunked transfer encoding and extensions allows limited denial of service attacks.\n (CVE-2012-3544)\n\n - An error exists related to FORM authentication that allows security bypass if 'j_security_check' is appended to the request. (CVE-2012-3546)\n\n - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead of nonce values, which makes it easier for attackers to bypass access restrictions by sniffing the network for valid requests. (CVE-2012-5885)\n\n - HTTP Digest Access Authentication implementation caches information about the authenticated user, which allows an attacker to bypass authentication via session ID.\n (CVE-2012-5886)\n\n - HTTP Digest Access Authentication implementation does not properly check for stale nonce values with enforcement of proper credentials, which allows an attacker to bypass restrictions by sniffing requests.\n (CVE-2012-5887)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2012-11-21T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.x < 7.0.30 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2012-3546", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_7_0_30.NASL", "href": "https://www.tenable.com/plugins/nessus/62988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62988);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2012-3544\",\n \"CVE-2012-3546\",\n \"CVE-2012-5885\",\n \"CVE-2012-5886\",\n \"CVE-2012-5887\"\n );\n script_bugtraq_id(56403, 56812, 59797);\n\n script_name(english:\"Apache Tomcat 7.0.x < 7.0.30 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of Apache\nTomcat 7.0 listening on the remote host is prior to 7.0.30. It is,\ntherefore, affected by the following vulnerabilities :\n\n - An error related to chunked transfer encoding and\n extensions allows limited denial of service attacks.\n (CVE-2012-3544)\n\n - An error exists related to FORM authentication that\n allows security bypass if 'j_security_check' is appended\n to the request. (CVE-2012-3546)\n\n - Replay-countermeasure functionality in HTTP Digest\n Access Authentication tracks cnonce values instead of\n nonce values, which makes it easier for attackers to\n bypass access restrictions by sniffing the network for\n valid requests. (CVE-2012-5885)\n\n - HTTP Digest Access Authentication implementation caches\n information about the authenticated user, which allows\n an attacker to bypass authentication via session ID.\n (CVE-2012-5886)\n\n - HTTP Digest Access Authentication implementation does\n not properly check for stale nonce values with\n enforcement of proper credentials, which allows an\n attacker to bypass restrictions by sniffing requests.\n (CVE-2012-5887)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.30\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Dec/73\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 7.0.30 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-3544\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"7.0.30\", min:\"7.0.0\", severity:SECURITY_WARNING, xsrf:TRUE, granularity_regex:\"^7(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:28", "description": "Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager application, used for managing web applications on Apache Tomcat. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-12-21T00:00:00", "type": "nessus", "title": "RHEL 5 : tomcat5 (RHSA-2011:1845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3718", "CVE-2011-0013", "CVE-2011-1184", "CVE-2011-2204", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2011-1845.NASL", "href": "https://www.tenable.com/plugins/nessus/57356", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1845. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57356);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(46174, 46177, 48456, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1845\");\n\n script_name(english:\"RHEL 5 : tomcat5 (RHSA-2011:1845)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat5 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the\nTomcat host's work directory. As web applications deployed on Tomcat\nhave read and write access to this directory, a malicious web\napplication could use this flaw to trick Tomcat into giving it read\nand write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager\napplication, used for managing web applications on Apache Tomcat. A\nmalicious web application could use this flaw to conduct an XSS\nattack, leading to arbitrary web script execution with the privileges\nof victims who are logged into and viewing Manager application web\npages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-0013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1845\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1845\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-common-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-common-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-common-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-server-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-server-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-server-lib-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:35", "description": "Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager application, used for managing web applications on Apache Tomcat. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-12-21T00:00:00", "type": "nessus", "title": "CentOS 5 : tomcat5 (CESA-2011:1845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3718", "CVE-2011-0013", "CVE-2011-1184", "CVE-2011-2204", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat5", "p-cpe:/a:centos:centos:tomcat5-admin-webapps", "p-cpe:/a:centos:centos:tomcat5-common-lib", "p-cpe:/a:centos:centos:tomcat5-jasper", "p-cpe:/a:centos:centos:tomcat5-jasper-javadoc", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-server-lib", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-webapps", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-1845.NASL", "href": "https://www.tenable.com/plugins/nessus/57354", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1845 and \n# CentOS Errata and Security Advisory 2011:1845 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57354);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(46174, 46177, 48456, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1845\");\n\n script_name(english:\"CentOS 5 : tomcat5 (CESA-2011:1845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat5 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the\nTomcat host's work directory. As web applications deployed on Tomcat\nhave read and write access to this directory, a malicious web\napplication could use this flaw to trick Tomcat into giving it read\nand write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager\napplication, used for managing web applications on Apache Tomcat. A\nmalicious web application could use this flaw to conduct an XSS\nattack, leading to arbitrary web script execution with the privileges\nof victims who are logged into and viewing Manager application web\npages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018336.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9373df8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d801a1f1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:03", "description": "From Red Hat Security Advisory 2011:1845 :\n\nUpdated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager application, used for managing web applications on Apache Tomcat. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : tomcat5 (ELSA-2011-1845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3718", "CVE-2011-0013", "CVE-2011-1184", "CVE-2011-2204", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat5", "p-cpe:/a:oracle:linux:tomcat5-admin-webapps", "p-cpe:/a:oracle:linux:tomcat5-common-lib", "p-cpe:/a:oracle:linux:tomcat5-jasper", "p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-server-lib", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-webapps", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2011-1845.NASL", "href": "https://www.tenable.com/plugins/nessus/68410", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1845 and \n# Oracle Linux Security Advisory ELSA-2011-1845 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68410);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3718\", \"CVE-2011-0013\", \"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(46174, 46177, 48456, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1845\");\n\n script_name(english:\"Oracle Linux 5 : tomcat5 (ELSA-2011-1845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1845 :\n\nUpdated tomcat5 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that web applications could modify the location of the\nTomcat host's work directory. As web applications deployed on Tomcat\nhave read and write access to this directory, a malicious web\napplication could use this flaw to trick Tomcat into giving it read\nand write access to an arbitrary directory on the file system.\n(CVE-2010-3718)\n\nA cross-site scripting (XSS) flaw was found in the Manager\napplication, used for managing web applications on Apache Tomcat. A\nmalicious web application could use this flaw to conduct an XSS\nattack, leading to arbitrary web script execution with the privileges\nof victims who are logged into and viewing Manager application web\npages. (CVE-2011-0013)\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-December/002527.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.22.el5_7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.22.el5_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:05:43", "description": "Updated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which provides support for using APR with Tomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with Tomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting the CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8' was set as an environment variable or in '/etc/sysconfig/tomcat6' on 64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR' or 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-12-23T00:00:00", "type": "nessus", "title": "CentOS 6 : tomcat6 (CESA-2011:1780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat6", "p-cpe:/a:centos:centos:tomcat6-admin-webapps", "p-cpe:/a:centos:centos:tomcat6-docs-webapp", "p-cpe:/a:centos:centos:tomcat6-el-2.1-api", "p-cpe:/a:centos:centos:tomcat6-javadoc", "p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api", "p-cpe:/a:centos:centos:tomcat6-lib", "p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api", "p-cpe:/a:centos:centos:tomcat6-webapps", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2011-1780.NASL", "href": "https://www.tenable.com/plugins/nessus/57374", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1780 and \n# CentOS Errata and Security Advisory 2011:1780 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57374);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(48456, 48667, 49353, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1780\");\n\n script_name(english:\"CentOS 6 : tomcat6 (CESA-2011:1780)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and\nCVE-2011-2526 descriptions does not refer to APR provided by the apr\npackages. It refers to the implementation of APR provided by the\nTomcat Native library, which provides support for using APR with\nTomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with\nTomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote\n(org.apache.coyote.ajp.AjpProcessor) and APR\n(org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ\nProtocol) connectors processed certain POST requests. An attacker\ncould send a specially crafted request that would cause the connector\nto treat the message body as a new request. This allows arbitrary AJP\nmessages to be injected, possibly allowing an attacker to bypass a web\napplication's authentication checks and gain access to information\nthey would otherwise be unable to access. The JK\n(org.apache.jk.server.JkCoyoteHandler) connector is used by default\nwhen the APR libraries are not present. The JK connector is not\naffected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes\nwhen using the HTTP APR or NIO (Non-Blocking I/O) connector. A\nmalicious web application running on a Tomcat instance could use this\nflaw to bypass security manager restrictions and gain access to files\nit would otherwise be unable to access, or possibly terminate the Java\nVirtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is\nnot vulnerable to this issue, is used by default in Red Hat Enterprise\nLinux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting\nthe CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8'\nwas set as an environment variable or in '/etc/sysconfig/tomcat6' on\n64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR'\nor 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018356.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa61944a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-admin-webapps-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-docs-webapp-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-el-2.1-api-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-javadoc-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-lib-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-35.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-webapps-6.0.24-35.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:05:44", "description": "Updated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which provides support for using APR with Tomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with Tomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting the CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8' was set as an environment variable or in '/etc/sysconfig/tomcat6' on 64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR' or 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : tomcat6 (RHSA-2011:1780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-1780.NASL", "href": "https://www.tenable.com/plugins/nessus/57023", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1780. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57023);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(48456, 48667, 49353, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1780\");\n\n script_name(english:\"RHEL 6 : tomcat6 (RHSA-2011:1780)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and\nCVE-2011-2526 descriptions does not refer to APR provided by the apr\npackages. It refers to the implementation of APR provided by the\nTomcat Native library, which provides support for using APR with\nTomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with\nTomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote\n(org.apache.coyote.ajp.AjpProcessor) and APR\n(org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ\nProtocol) connectors processed certain POST requests. An attacker\ncould send a specially crafted request that would cause the connector\nto treat the message body as a new request. This allows arbitrary AJP\nmessages to be injected, possibly allowing an attacker to bypass a web\napplication's authentication checks and gain access to information\nthey would otherwise be unable to access. The JK\n(org.apache.jk.server.JkCoyoteHandler) connector is used by default\nwhen the APR libraries are not present. The JK connector is not\naffected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes\nwhen using the HTTP APR or NIO (Non-Blocking I/O) connector. A\nmalicious web application running on a Tomcat instance could use this\nflaw to bypass security manager restrictions and gain access to files\nit would otherwise be unable to access, or possibly terminate the Java\nVirtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is\nnot vulnerable to this issue, is used by default in Red Hat Enterprise\nLinux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting\nthe CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8'\nwas set as an environment variable or in '/etc/sysconfig/tomcat6' on\n64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR'\nor 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n # https://access.redhat.com/support/offerings/production/soc.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/support/offerings/production/soc\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1780\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1780\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-2.1-api-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-35.el6_1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.24-35.el6_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:14:28", "description": "From Red Hat Security Advisory 2011:1780 :\n\nUpdated tomcat6 packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which provides support for using APR with Tomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with Tomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Red Hat Enterprise Linux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting the CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8' was set as an environment variable or in '/etc/sysconfig/tomcat6' on 64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR' or 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : tomcat6 (ELSA-2011-1780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat6", "p-cpe:/a:oracle:linux:tomcat6-admin-webapps", "p-cpe:/a:oracle:linux:tomcat6-docs-webapp", "p-cpe:/a:oracle:linux:tomcat6-el-2.1-api", "p-cpe:/a:oracle:linux:tomcat6-javadoc", "p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api", "p-cpe:/a:oracle:linux:tomcat6-lib", "p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api", "p-cpe:/a:oracle:linux:tomcat6-webapps", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-1780.NASL", "href": "https://www.tenable.com/plugins/nessus/68399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1780 and \n# Oracle Linux Security Advisory ELSA-2011-1780 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68399);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1184\", \"CVE-2011-2204\", \"CVE-2011-2526\", \"CVE-2011-3190\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\");\n script_bugtraq_id(48456, 48667, 49353, 49762);\n script_xref(name:\"RHSA\", value:\"2011:1780\");\n\n script_name(english:\"Oracle Linux 6 : tomcat6 (ELSA-2011-1780)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1780 :\n\nUpdated tomcat6 packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nAPR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and\nCVE-2011-2526 descriptions does not refer to APR provided by the apr\npackages. It refers to the implementation of APR provided by the\nTomcat Native library, which provides support for using APR with\nTomcat. This library is not shipped with Red Hat Enterprise Linux 6.\nThis update includes fixes for users who have elected to use APR with\nTomcat by taking the Tomcat Native library from a different product.\nSuch a configuration is not supported by Red Hat, however.\n\nMultiple flaws were found in the way Tomcat handled HTTP DIGEST\nauthentication. These flaws weakened the Tomcat HTTP DIGEST\nauthentication implementation, subjecting it to some of the weaknesses\nof HTTP BASIC authentication, for example, allowing remote attackers\nto perform session replay attacks. (CVE-2011-1184)\n\nA flaw was found in the way the Coyote\n(org.apache.coyote.ajp.AjpProcessor) and APR\n(org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ\nProtocol) connectors processed certain POST requests. An attacker\ncould send a specially crafted request that would cause the connector\nto treat the message body as a new request. This allows arbitrary AJP\nmessages to be injected, possibly allowing an attacker to bypass a web\napplication's authentication checks and gain access to information\nthey would otherwise be unable to access. The JK\n(org.apache.jk.server.JkCoyoteHandler) connector is used by default\nwhen the APR libraries are not present. The JK connector is not\naffected by this flaw. (CVE-2011-3190)\n\nA flaw was found in the Tomcat MemoryUserDatabase. If a runtime\nexception occurred when creating a new user with a JMX client, that\nuser's password was logged to Tomcat log files. Note: By default, only\nadministrators have access to such log files. (CVE-2011-2204)\n\nA flaw was found in the way Tomcat handled sendfile request attributes\nwhen using the HTTP APR or NIO (Non-Blocking I/O) connector. A\nmalicious web application running on a Tomcat instance could use this\nflaw to bypass security manager restrictions and gain access to files\nit would otherwise be unable to access, or possibly terminate the Java\nVirtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is\nnot vulnerable to this issue, is used by default in Red Hat Enterprise\nLinux 6. (CVE-2011-2526)\n\nRed Hat would like to thank the Apache Tomcat project for reporting\nthe CVE-2011-2526 issue.\n\nThis update also fixes the following bug :\n\n* Previously, in certain cases, if 'LANG=fr_FR' or 'LANG=fr_FR.UTF-8'\nwas set as an environment variable or in '/etc/sysconfig/tomcat6' on\n64-bit PowerPC systems, Tomcat may have failed to start correctly.\nWith this update, Tomcat works as expected when LANG is set to 'fr_FR'\nor 'fr_FR.UTF-8'. (BZ#748807)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-December/002493.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-admin-webapps-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-docs-webapp-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-el-2.1-api-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-javadoc-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-lib-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-35.el6_1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tomcat6-webapps-6.0.24-35.el6_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:10:44", "description": "Updated tomcat package fixes security vulnerabilities :\n\nIt was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition (CVE-2014-0050).\n\nApache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322).\n\nApache Tomcat 7.x before 7.0.50 allows attackers to obtain Tomcat internals information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2013-4590).\n\nInteger overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data (CVE-2014-0075).\n\njava/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2014-0096).\n\nInteger overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header (CVE-2014-0099).\n\nApache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or read files associated with different web applications on a single Tomcat instance via a crafted web application (CVE-2014-0119).\n\nIn Apache Tomcat 7.x before 7.0.55, it was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request (CVE-2014-0227).", "cvss3": {}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat (MDVSA-2015:084)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4322", "CVE-2013-4590", "CVE-2014-0050", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119", "CVE-2014-0227"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat", "p-cpe:/a:mandriva:linux:tomcat-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat-docs-webapp", "p-cpe:/a:mandriva:linux:tomcat-el-2.2-api", "p-cpe:/a:mandriva:linux:tomcat-javadoc", "p-cpe:/a:mandriva:linux:tomcat-jsp-2.2-api", "p-cpe:/a:mandriva:linux:tomcat-jsvc", "p-cpe:/a:mandriva:linux:tomcat-lib", "p-cpe:/a:mandriva:linux:tomcat-log4j", "p-cpe:/a:mandriva:linux:tomcat-servlet-3.0-api", "p-cpe:/a:mandriva:linux:tomcat-webapps", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-084.NASL", "href": "https://www.tenable.com/plugins/nessus/82337", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:084. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82337);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-4322\", \"CVE-2013-4590\", \"CVE-2014-0050\", \"CVE-2014-0075\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\", \"CVE-2014-0227\");\n script_xref(name:\"MDVSA\", value:\"2015:084\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat (MDVSA-2015:084)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat package fixes security vulnerabilities :\n\nIt was discovered that the Apache Commons FileUpload package for Java\ncould enter an infinite loop while processing a multipart request with\na crafted Content-Type, resulting in a denial-of-service condition\n(CVE-2014-0050).\n\nApache Tomcat 7.x before 7.0.50 processes chunked transfer coding\nwithout properly handling (1) a large total amount of chunked data or\n(2) whitespace characters in an HTTP header value within a trailer\nfield, which allows remote attackers to cause a denial of service by\nstreaming data (CVE-2013-4322).\n\nApache Tomcat 7.x before 7.0.50 allows attackers to obtain Tomcat\ninternals information by leveraging the presence of an untrusted web\napplication with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML\ndocument containing an external entity declaration in conjunction with\nan entity reference, related to an XML External Entity (XXE) issue\n(CVE-2013-4590).\n\nInteger overflow in the parseChunkHeader function in\njava/org/apache/coyote/http11/filters/ChunkedInputFilter.java in\nApache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote\nattackers to cause a denial of service (resource consumption) via a\nmalformed chunk size in chunked transfer coding of a request during\nthe streaming of data (CVE-2014-0075).\n\njava/org/apache/catalina/servlets/DefaultServlet.java in the default\nservlet in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not\nproperly restrict XSLT stylesheets, which allows remote attackers to\nbypass security-manager restrictions and read arbitrary files via a\ncrafted web application that provides an XML external entity\ndeclaration in conjunction with an entity reference, related to an XML\nExternal Entity (XXE) issue (CVE-2014-0096).\n\nInteger overflow in java/org/apache/tomcat/util/buf/Ascii.java in\nApache Tomcat before 6.0.40 and 7.x before 7.0.53, when operated\nbehind a reverse proxy, allows remote attackers to conduct HTTP\nrequest smuggling attacks via a crafted Content-Length HTTP header\n(CVE-2014-0099).\n\nApache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly\nconstrain the class loader that accesses the XML parser used with an\nXSLT stylesheet, which allows remote attackers to read arbitrary files\nvia a crafted web application that provides an XML external entity\ndeclaration in conjunction with an entity reference, related to an XML\nExternal Entity (XXE) issue, or read files associated with different\nweb applications on a single Tomcat instance via a crafted web\napplication (CVE-2014-0119).\n\nIn Apache Tomcat 7.x before 7.0.55, it was possible to craft a\nmalformed chunk as part of a chunked request that caused Tomcat to\nread part of the request body as a new request (CVE-2014-0227).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0110.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0149.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0268.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-admin-webapps-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-docs-webapp-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-el-2.2-api-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-javadoc-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-jsp-2.2-api-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-jsvc-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-lib-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-log4j-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-servlet-3.0-api-7.0.59-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"tomcat-webapps-7.0.59-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:59", "description": "Tomcat has been updated to version 6.0.41, which brings security and bug fixes.\n\nThe following security fixes have been fixed :\n\n - A XXE vulnerability via user-supplied XSLTs.\n (CVE-2014-0096)\n\n - Request smuggling via malicious content length header.\n (CVE-2014-0099)\n\n - A XML parser hijack by malicious web application. Bugs fixed:. (CVE-2014-0119)\n\n - Socket bind fails on tomcat startup when using apr (IPV6). (bnc#881700)\n\n - classpath for org/apache/juli/logging/LogFactory (bnc#844689)", "cvss3": {}, "published": "2014-08-14T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : tomcat6 (SAT Patch Number 9487)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3544", "CVE-2013-4322", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0119"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libtcnative-1-0", "p-cpe:/a:novell:suse_linux:11:tomcat6", "p-cpe:/a:novell:suse_linux:11:tomcat6-admin-webapps", "p-cpe:/a:novell:suse_linux:11:tomcat6-docs-webapp", "p-cpe:/a:novell:suse_linux:11:tomcat6-javadoc", "p-cpe:/a:novell:suse_linux:11:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:suse_linux:11:tomcat6-lib", "p-cpe:/a:novell:suse_linux:11:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:suse_linux:11:tomcat6-webapps", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_TOMCAT6-201407-140706.NASL", "href": "https://www.tenable.com/plugins/nessus/77197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77197);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3544\", \"CVE-2013-4322\", \"CVE-2014-0096\", \"CVE-2014-0099\", \"CVE-2014-0119\");\n\n script_name(english:\"SuSE 11.3 Security Update : tomcat6 (SAT Patch Number 9487)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tomcat has been updated to version 6.0.41, which brings security and\nbug fixes.\n\nThe following security fixes have been fixed :\n\n - A XXE vulnerability via user-supplied XSLTs.\n (CVE-2014-0096)\n\n - Request smuggling via malicious content length header.\n (CVE-2014-0099)\n\n - A XML parser hijack by malicious web application. Bugs\n fixed:. (CVE-2014-0119)\n\n - Socket bind fails on tomcat startup when using apr\n (IPV6). (bnc#881700)\n\n - classpath for org/apache/juli/logging/LogFactory\n (bnc#844689)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3544.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4322.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0096.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0099.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0119.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9487.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtcnative-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libtcnative-1-0-1.3.3-12.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-admin-webapps-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-docs-webapp-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-javadoc-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-jsp-2_1-api-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-lib-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-servlet-2_5-api-6.0.41-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"tomcat6-webapps-6.0.41-0.43.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:18", "description": "Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1 that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter in JBoss Web. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat Enterprise Linux 5 and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : jbossweb (RHSA-2013:0647)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossweb-lib", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0647.NASL", "href": "https://www.tenable.com/plugins/nessus/65562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0647. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65562);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4431\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56403, 56814);\n script_xref(name:\"RHSA\", value:\"2013:0647\");\n\n script_name(english:\"RHEL 5 / 6 : jbossweb (RHSA-2013:0647)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jbossweb packages for JBoss Enterprise Application Platform\n6.0.1 that fix multiple security issues are now available for Red Hat\nEnterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss\nEnterprise Application Platform. It provides a single deployment\nplatform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw\nto perform CSRF attacks against applications that rely on the CSRF\nprevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed\napplications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat\nEnterprise Linux 5 and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5887\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jbossweb and / or jbossweb-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0647\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-7.0.17-4.Final_redhat_3.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-lib-7.0.17-4.Final_redhat_3.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-7.0.17-4.Final_redhat_3.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-lib-7.0.17-4.Final_redhat_3.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jbossweb / jbossweb-lib\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:25", "description": "This update fixes a regression in parameter passing (in urldecoding of parameters that contain spaces).\n\nIn addition, multiple weaknesses in HTTP DIGESTS have been fixed (CVE-2011-1184) :\n\n - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33 and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.\n (CVE-2011-5062)\n\n - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184. (CVE-2011-5063)\n\n - DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184. (CVE-2011-5064)", "cvss3": {}, "published": "2012-02-07T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : tomcat6 (SAT Patch Number 5759)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1184", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:tomcat6", "p-cpe:/a:novell:suse_linux:11:tomcat6-admin-webapps", "p-cpe:/a:novell:suse_linux:11:tomcat6-docs-we