Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2401.NASL
HistoryFeb 03, 2012 - 12:00 a.m.

Debian DSA-2401-1 : tomcat6 - several vulnerabilities

2012-02-0300:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
JSON

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine :

  • CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks.

  • CVE-2011-2204 In rare setups passwords were written into a logfile.

  • CVE-2011-2526 Missing input sanitising in the HTTP APR or HTTP NIO connectors could lead to denial of service.

  • CVE-2011-3190 AJP requests could be spoofed in some setups.

  • CVE-2011-3375 Incorrect request caching could lead to information disclosure.

  • CVE-2011-4858 CVE-2012-0022 This update adds countermeasures against a collision denial of service vulnerability in the Java hashtable implementation and addresses denial of service potentials when processing large amounts of requests.

Additional information can be found at

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2401. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(57812);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2011-1184", "CVE-2011-2204", "CVE-2011-2526", "CVE-2011-3190", "CVE-2011-3375", "CVE-2011-4858", "CVE-2011-5062", "CVE-2011-5063", "CVE-2011-5064", "CVE-2012-0022");
  script_bugtraq_id(48456, 48667, 49353, 49762, 51200, 51442, 51447);
  script_xref(name:"DSA", value:"2401");

  script_name(english:"Debian DSA-2401-1 : tomcat6 - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been found in Tomcat, a servlet and JSP
engine :

  - CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064
    The HTTP Digest Access Authentication implementation
    performed insufficient countermeasures against replay
    attacks.

  - CVE-2011-2204
    In rare setups passwords were written into a logfile.

  - CVE-2011-2526
    Missing input sanitising in the HTTP APR or HTTP NIO
    connectors could lead to denial of service.

  - CVE-2011-3190
    AJP requests could be spoofed in some setups.

  - CVE-2011-3375
    Incorrect request caching could lead to information
    disclosure.

  - CVE-2011-4858 CVE-2012-0022
    This update adds countermeasures against a collision
    denial of service vulnerability in the Java hashtable
    implementation and addresses denial of service
    potentials when processing large amounts of requests.

Additional information can be found at"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1184"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-5062"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-5063"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-5064"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-2204"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-2526"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-3190"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-3375"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-4858"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-0022"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/tomcat6"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2012/dsa-2401"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the tomcat6 packages.

For the stable distribution (squeeze), this problem has been fixed in
version 6.0.35-1+squeeze2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tomcat6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/02/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"libservlet2.5-java", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"libservlet2.5-java-doc", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"libtomcat6-java", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6-admin", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6-common", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6-docs", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6-examples", reference:"6.0.35-1+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"tomcat6-user", reference:"6.0.35-1+squeeze2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxtomcat6p-cpe:/a:debian:debian_linux:tomcat6
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

References

Related

osv 8
redhat 12
openvas 51
debian 1
nessus 59
oraclelinux 4
centos 4
tomcat 6
suse 2
fedora 4
ubuntu 2
amazon 1
ibm 1
github 7
cve 8
prion 7
debiancve 7
ubuntucve 8
securityvulns 5
gentoo 1
checkpoint_advisories 1
osv
osv
tomcat6 - several
2012-02-02 00:00:00
Denial of Service in Apache Tomcat
2022-05-04 00:27:43
Use of Hard-coded Cryptographic Key in Apache Tomcat
2022-05-14 01:17:03
redhat
redhat
(RHSA-2012:0682) Moderate: tomcat6 security and bug fix update
2012-05-21 00:00:00
(RHSA-2012:0681) Moderate: tomcat6 security and bug fix update
2012-05-21 16:31:40
(RHSA-2012:0680) Moderate: tomcat5 security and bug fix update
2012-05-21 00:00:00
openvas
openvas
Debian Security Advisory DSA 2401-1 (tomcat6)
2012-02-12 00:00:00
Debian Security Advisory DSA 2401-1 (tomcat6)
2012-02-12 00:00:00
Oracle Linux Local Check: ELSA-2011-1780
2015-10-06 00:00:00
debian
debian
[SECURITY] [DSA 2401-1] tomcat6 security update
2012-02-02 19:29:50
nessus
nessus
RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0682)
2014-11-08 00:00:00
RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0680)
2014-11-08 00:00:00
RHEL 6 : tomcat6 (RHSA-2011:1780)
2011-12-06 00:00:00
oraclelinux
oraclelinux
tomcat6 security and bug fix update
2011-12-05 00:00:00
tomcat5 security update
2011-12-20 00:00:00
tomcat5 security update
2012-04-11 00:00:00
centos
centos
tomcat6 security update
2011-12-22 16:00:12
tomcat5 security update
2011-12-20 19:18:57
tomcat5 security update
2012-04-11 19:16:37
tomcat
tomcat
Fixed in Apache Tomcat 5.5.34
2011-09-22 00:00:00
Fixed in Apache Tomcat 6.0.33
2011-08-18 00:00:00
Fixed in Apache Tomcat 6.0.35
2011-12-05 00:00:00
suse
suse
Security update for tomcat6 (important)
2012-02-07 04:08:27
tomcat6: Fix multiple weaknesses in HTTP DIGESTS (important)
2012-02-09 19:09:55
fedora
fedora
[SECURITY] Fedora 15 Update: tomcat6-6.0.32-10.fc15
2011-11-10 17:33:27
[SECURITY] Fedora 15 Update: tomcat6-6.0.32-8.fc15
2011-10-20 09:58:03
[SECURITY] Fedora 16 Update: tomcat6-6.0.32-17.fc16
2011-10-19 04:35:58
ubuntu
ubuntu
Tomcat vulnerabilities
2011-11-08 00:00:00
Tomcat vulnerabilities
2012-02-13 00:00:00
amazon
amazon
Important: tomcat6
2011-12-02 22:21:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified V1.3.2.3 and V1.4.0.0 Include Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
github
github
Improper Authentication in Apache Tomcat
2022-05-14 01:17:03
Denial of Service in Apache Tomcat
2022-05-04 00:27:43
Use of Hard-coded Cryptographic Key in Apache Tomcat
2022-05-14 01:17:03
cve
cve
CVE-2011-5062
2012-01-14 21:55:00
CVE-2012-0022
2012-01-19 04:01:00
CVE-2011-5064
2012-01-14 21:55:00
prion
prion
Design/Logic Flaw
2012-01-19 04:01:00
Authentication flaw
2012-01-14 21:55:00
Design/Logic Flaw
2012-01-14 21:55:00
debiancve
debiancve
CVE-2012-0022
2012-01-19 04:01:00
CVE-2011-5063
2012-01-14 21:55:00
CVE-2011-5062
2012-01-14 21:55:00
ubuntucve
ubuntucve
CVE-2012-0022
2012-01-18 00:00:00
CVE-2011-5064
2012-01-14 00:00:00
CVE-2011-5062
2012-01-14 00:00:00
securityvulns
securityvulns
Apache Tomcat security vulnerabilities
2012-01-20 00:00:00
Apache Tomcat information leakage
2011-07-18 00:00:00
[SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities
2011-07-18 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2012-06-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Parameter Hash Collision Denial of Service - Ver2 (CVE-2011-4858)
2014-04-16 00:00:00
JSON
Related for DEBIAN_DSA-2401.NASL
osv8redhat12openvas51debian1nessus59oraclelinux4centos4tomcat6suse2fedora4ubuntu2amazon1ibm1github7cve8prion7debiancve7ubuntucve8securityvulns5gentoo1checkpoint_advisories1