Lucene search
This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2018-1055.NASLHistoryAug 10, 2018 - 12:00 a.m.
Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055)
2018-08-1000:00:00
This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable ‘supportsCredentials’ for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue.(CVE-2018-8014)
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. (CVE-2018-1336)
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.(CVE-2018-8034)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1055.
#
include("compat.inc");
if (description)
{
script_id(111610);
script_version("1.2");
script_cvs_date("Date: 2018/08/31 12:25:01");
script_cve_id("CVE-2018-1336", "CVE-2018-8014", "CVE-2018-8034");
script_xref(name:"ALAS", value:"2018-1055");
script_name(english:"Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The defaults settings for the CORS filter provided in Apache Tomcat
are insecure and enable 'supportsCredentials' for all origins. It is
expected that users of the CORS filter will have configured it
appropriately for their environment rather than using it in the
default configuration. Therefore, it is expected that most users will
not be impacted by this issue.(CVE-2018-8014)
An improper handing of overflow in the UTF-8 decoder with
supplementary characters can lead to an infinite loop in the decoder
causing a Denial of Service. Versions Affected: Apache Tomcat
8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. (CVE-2018-1336)
The host name verification when using TLS with the WebSocket client
was missing. It is now enabled by default. Versions Affected: Apache
Tomcat 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.(CVE-2018-8034)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2018-1055.html"
);
script_set_attribute(
attribute:"solution",
value:
"Run 'yum update tomcat7' to update your system.
Run 'yum update tomcat80' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-admin-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-docs-webapp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-el-2.2-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-jsp-2.2-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-log4j");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-servlet-3.0-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat7-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-admin-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-docs-webapp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-el-3.0-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-jsp-2.3-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-log4j");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-servlet-3.1-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat80-webapps");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"tomcat7-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-admin-webapps-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-docs-webapp-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-el-2.2-api-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-javadoc-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-jsp-2.2-api-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-lib-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-log4j-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-servlet-3.0-api-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat7-webapps-7.0.90-1.33.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-admin-webapps-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-docs-webapp-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-el-3.0-api-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-javadoc-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-jsp-2.3-api-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-lib-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-log4j-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-servlet-3.1-api-8.0.53-1.80.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tomcat80-webapps-8.0.53-1.80.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tomcat7 / tomcat7-admin-webapps / tomcat7-docs-webapp / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | tomcat7 | p-cpe:/a:amazon:linux:tomcat7 |
| amazon | linux | tomcat7-admin-webapps | p-cpe:/a:amazon:linux:tomcat7-admin-webapps |
| amazon | linux | tomcat7-docs-webapp | p-cpe:/a:amazon:linux:tomcat7-docs-webapp |
| amazon | linux | tomcat7-el-2.2-api | p-cpe:/a:amazon:linux:tomcat7-el-2.2-api |
| amazon | linux | tomcat7-javadoc | p-cpe:/a:amazon:linux:tomcat7-javadoc |
| amazon | linux | tomcat7-jsp-2.2-api | p-cpe:/a:amazon:linux:tomcat7-jsp-2.2-api |
| amazon | linux | tomcat7-lib | p-cpe:/a:amazon:linux:tomcat7-lib |
| amazon | linux | tomcat7-log4j | p-cpe:/a:amazon:linux:tomcat7-log4j |
| amazon | linux | tomcat7-servlet-3.0-api | p-cpe:/a:amazon:linux:tomcat7-servlet-3.0-api |
| amazon | linux | tomcat7-webapps | p-cpe:/a:amazon:linux:tomcat7-webapps |
Related
amazon
amazon
Important: tomcat7, tomcat80
2018-08-09 16:10:00
Important: tomcat8
2018-08-09 16:12:00
Important: tomcat
2020-03-09 19:23:00
openvas
openvas
openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:2740-1)
2018-09-18 00:00:00
openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:3054-1)
2018-10-26 00:00:00
Ubuntu Update for tomcat8 USN-3723-1
2018-07-26 00:00:00
nessus
nessus
Amazon Linux AMI : tomcat8 (ALAS-2018-1056)
2018-08-10 00:00:00
openSUSE Security Update : tomcat (openSUSE-2019-770)
2019-03-27 00:00:00
openSUSE Security Update : tomcat (openSUSE-2018-1129)
2018-10-09 00:00:00
suse
suse
Security update for tomcat (moderate)
2018-09-17 12:12:40
Security update for tomcat (moderate)
2018-10-06 18:10:05
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2018-12-10 00:20:39
tomcat
tomcat
Fixed in Apache Tomcat 8.0.53
2018-07-06 00:00:00
Fixed in Apache Tomcat 8.5.32
2018-06-26 00:00:00
Fixed in Apache Tomcat 9.0.9
2018-03-09 00:00:00
redhat
redhat
(RHSA-2019:0450) Moderate: Red Hat JBoss Web Server 5.0 Service Pack 2 security and bug fix update
2019-03-04 17:33:34
(RHSA-2019:0451) Moderate: Red Hat JBoss Web Server 5.0 Service Pack 2 security and bug fix update
2019-03-04 17:33:41
(RHSA-2019:2205) Moderate: tomcat security, bug fix, and enhancement update
2019-08-06 08:13:03
ubuntu
ubuntu
Tomcat vulnerabilities
2018-07-25 00:00:00
Apache Tomcat 7 vulnerabilities
2021-03-15 00:00:00
Tomcat vulnerabilities
2018-05-30 00:00:00
debian
debian
[SECURITY] [DLA 1491-1] tomcat8 security update
2018-09-02 20:26:25
[SECURITY] [DLA 1453-1] tomcat7 security update
2018-07-30 01:43:50
[SECURITY] [DSA 4281-1] tomcat8 security update
2018-08-29 06:29:28
osv
osv
tomcat8 - security update
2018-09-02 00:00:00
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
fedora
fedora
[SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28
2019-04-03 02:02:31
[SECURITY] Fedora 28 Update: tomcat-8.5.32-1.fc28
2018-08-30 04:57:26
thn
thn
Apache Tomcat Patches Important Security Vulnerabilities
2018-07-24 11:36:00
rocky
rocky
pki-deps:10.6 security update
2019-06-18 16:36:21
almalinux
almalinux
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
oraclelinux
oraclelinux
pki-deps:10.6 security update
2019-07-30 00:00:00
tomcat security, bug fix, and enhancement update
2019-08-13 00:00:00
tomcat security update
2018-10-16 00:00:00
centos
centos
tomcat security update
2019-08-30 04:27:31
tomcat security update
2018-10-16 16:57:41
ibm
ibm
ubuntucve
ubuntucve
cve
cve
github
github
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins
2018-10-17 16:32:32
The host name verification missing in Apache Tomcat
2018-10-17 16:32:43
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder
2018-10-17 16:32:18
veracode
veracode
Insecure Defaults
2018-05-17 04:40:32
Insecure Defaults
2018-07-23 05:27:23
Insecure Defaults
2019-01-15 09:24:32
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0065
2018-07-02 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0116
2018-12-26 00:00:00
Critical Photon OS Security Update - PHSA-2018-0065
2018-07-03 00:00:00
prion
prion
Default configuration
2018-05-16 16:29:00
Design/Logic Flaw
2018-08-01 18:29:00
Design/Logic Flaw
2018-08-02 14:29:00
f5
f5
K11420556 : Apache Tomcat vulnerability CVE-2018-8014
2018-07-17 00:00:00
K34468163 : Apache Tomcat vulnerability CVE-2018-8034
2018-09-05 00:00:00
K73008537 : Apache Tomcat vulnerability CVE-2018-1336
2018-09-10 00:00:00
debiancve
debiancve
redhatcve
redhatcve
kaspersky
kaspersky
KLA11256 SB vulnerability in Apache Tomcat
2018-05-15 00:00:00
KLA11597 DoS vulnerability in Apache Tomcat
2018-05-03 00:00:00
KLA11297 Multiple vulnerabilities in Apache Tomcat
2018-07-22 00:00:00
symantec
symantec
Apache Tomcat Vulnerabilities Jan-Aug 2018
2018-10-11 08:01:01
cisa
cisa
Apache Releases Security Updates for Apache Tomcat
2018-07-23 00:00:00
atlassian
atlassian
Upgrade to Tomcat 8.5.32 necessary
2018-08-01 09:33:53
Related for ALA_ALAS-2018-1055.NASL