{"id": "DEBIAN_DSA-3428.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-3428-1 : tomcat8 - security update", "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "published": "2015-12-21T00:00:00", "modified": "2018-11-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "reporter": "Tenable", "references": ["https://packages.debian.org/source/jessie/tomcat8", "https://www.debian.org/security/2015/dsa-3428"], "cvelist": ["CVE-2014-7810"], "type": "nessus", "lastseen": "2018-11-13T17:10:56", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:tomcat8"], "cvelist": ["CVE-2014-7810"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "609d3252b0c517872691eb70ec9c12e420138c76bc2af62f889a8784572b17d1", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "1a3e991f1270d1299d7f25f2519bac72", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "badb37b6ea56e6f6ed47b3e692c1fed8", "key": "references"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "042bae3a06ddca216b6ffa156921831d", "key": "title"}, {"hash": "0c26cbe1df6ba78f5a148d30d2c8b039", "key": "cpe"}, {"hash": "172b6217f06be9ebf1a4e81944a65518", "key": "sourceData"}, {"hash": "13b226fb85121a44cc26e24e64c73de6", "key": "description"}, {"hash": "622d8025e3b28396cdac8d7bca94bbf2", "key": "cvelist"}, {"hash": "9cbb53f4166931607d769bd0f59fdae8", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "94ba03e8da0c711307ffa20fda4c0654", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "id": "DEBIAN_DSA-3428.NASL", "lastseen": "2017-10-29T13:45:25", "modified": "2016-04-28T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "87511", "published": "2015-12-21T00:00:00", "references": ["https://packages.debian.org/source/jessie/tomcat8", "http://www.debian.org/security/2015/dsa-3428"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2016/04/28 18:33:24 $\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_osvdb_id(122158);\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-3428-1 : tomcat8 - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:45:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:tomcat8"], "cvelist": ["CVE-2014-7810"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "d19bdd638398e70d35dad3b5784062ae75f3da82b92fa2c0571a8850a47e47b1", "hashmap": [{"hash": "1a3e991f1270d1299d7f25f2519bac72", "key": "pluginID"}, {"hash": "126aa6199253ddc5259666d479153208", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "badb37b6ea56e6f6ed47b3e692c1fed8", "key": "references"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "042bae3a06ddca216b6ffa156921831d", "key": "title"}, {"hash": "0c26cbe1df6ba78f5a148d30d2c8b039", "key": "cpe"}, {"hash": "13b226fb85121a44cc26e24e64c73de6", "key": "description"}, {"hash": "622d8025e3b28396cdac8d7bca94bbf2", "key": "cvelist"}, {"hash": "9cbb53f4166931607d769bd0f59fdae8", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "94ba03e8da0c711307ffa20fda4c0654", "key": "href"}, {"hash": "38809461a6f1e423a6dc82f07df54411", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "id": "DEBIAN_DSA-3428.NASL", "lastseen": "2018-07-12T18:24:42", "modified": "2018-07-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "87511", "published": "2015-12-21T00:00:00", "references": ["https://packages.debian.org/source/jessie/tomcat8", "http://www.debian.org/security/2015/dsa-3428"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-3428-1 : tomcat8 - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-12T18:24:42"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:tomcat8"], "cvelist": ["CVE-2014-7810"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "cd81886ab5292e31f80452d898a70f4cd23b6fed3cd3d3b3813cd0905007a1f4", "hashmap": [{"hash": "1a3e991f1270d1299d7f25f2519bac72", "key": "pluginID"}, {"hash": "126aa6199253ddc5259666d479153208", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "badb37b6ea56e6f6ed47b3e692c1fed8", "key": "references"}, {"hash": "042bae3a06ddca216b6ffa156921831d", "key": "title"}, {"hash": "0c26cbe1df6ba78f5a148d30d2c8b039", "key": "cpe"}, {"hash": "13b226fb85121a44cc26e24e64c73de6", "key": "description"}, {"hash": "622d8025e3b28396cdac8d7bca94bbf2", "key": "cvelist"}, {"hash": "9cbb53f4166931607d769bd0f59fdae8", "key": "published"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "94ba03e8da0c711307ffa20fda4c0654", "key": "href"}, {"hash": "38809461a6f1e423a6dc82f07df54411", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "id": "DEBIAN_DSA-3428.NASL", "lastseen": "2018-08-30T19:57:27", "modified": "2018-07-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "87511", "published": "2015-12-21T00:00:00", "references": ["https://packages.debian.org/source/jessie/tomcat8", "http://www.debian.org/security/2015/dsa-3428"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-3428-1 : tomcat8 - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:57:27"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:tomcat8"], "cvelist": ["CVE-2014-7810"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "d19bdd638398e70d35dad3b5784062ae75f3da82b92fa2c0571a8850a47e47b1", "hashmap": [{"hash": "1a3e991f1270d1299d7f25f2519bac72", "key": "pluginID"}, {"hash": "126aa6199253ddc5259666d479153208", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "badb37b6ea56e6f6ed47b3e692c1fed8", "key": "references"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "042bae3a06ddca216b6ffa156921831d", "key": "title"}, {"hash": "0c26cbe1df6ba78f5a148d30d2c8b039", "key": "cpe"}, {"hash": "13b226fb85121a44cc26e24e64c73de6", "key": "description"}, {"hash": "622d8025e3b28396cdac8d7bca94bbf2", "key": "cvelist"}, {"hash": "9cbb53f4166931607d769bd0f59fdae8", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "94ba03e8da0c711307ffa20fda4c0654", "key": "href"}, {"hash": "38809461a6f1e423a6dc82f07df54411", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "id": "DEBIAN_DSA-3428.NASL", "lastseen": "2018-09-02T00:09:09", "modified": "2018-07-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "87511", "published": "2015-12-21T00:00:00", "references": ["https://packages.debian.org/source/jessie/tomcat8", "http://www.debian.org/security/2015/dsa-3428"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-3428-1 : tomcat8 - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-02T00:09:09"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-7810"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 1, "enchantments": {}, "hash": "0bf33a1200cce3cad72fa90380cc545cacdfd4899aeeb5ecba7dfe73a096b727", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "1a3e991f1270d1299d7f25f2519bac72", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "badb37b6ea56e6f6ed47b3e692c1fed8", "key": "references"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "042bae3a06ddca216b6ffa156921831d", "key": "title"}, {"hash": "172b6217f06be9ebf1a4e81944a65518", "key": "sourceData"}, {"hash": "13b226fb85121a44cc26e24e64c73de6", "key": "description"}, {"hash": "622d8025e3b28396cdac8d7bca94bbf2", "key": "cvelist"}, {"hash": "9cbb53f4166931607d769bd0f59fdae8", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "94ba03e8da0c711307ffa20fda4c0654", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=87511", "id": "DEBIAN_DSA-3428.NASL", "lastseen": "2016-09-26T17:26:36", "modified": "2016-04-28T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.2", "pluginID": "87511", "published": "2015-12-21T00:00:00", "references": ["https://packages.debian.org/source/jessie/tomcat8", "http://www.debian.org/security/2015/dsa-3428"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2016/04/28 18:33:24 $\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_osvdb_id(122158);\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-3428-1 : tomcat8 - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:36"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "0c26cbe1df6ba78f5a148d30d2c8b039"}, {"key": "cvelist", "hash": "622d8025e3b28396cdac8d7bca94bbf2"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "13b226fb85121a44cc26e24e64c73de6"}, {"key": "href", "hash": "94ba03e8da0c711307ffa20fda4c0654"}, {"key": "modified", "hash": "3c764d4cf584f9ded7aa4dcca57c78ff"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "1a3e991f1270d1299d7f25f2519bac72"}, {"key": "published", "hash": "9cbb53f4166931607d769bd0f59fdae8"}, {"key": "references", "hash": "e4319f8044a9a9b140fe234980033da9"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "daf42bf61d859c088405e086f799d4ce"}, {"key": "title", "hash": "042bae3a06ddca216b6ffa156921831d"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "a3ac0ba3938e788d19fdaebf7692b81dc5bda020f30b249ed1c989a0d3e5b13a", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3428. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87511);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3428\");\n\n script_name(english:\"Debian DSA-3428-1 : tomcat8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3428\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat8 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "87511", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:tomcat8"]}

{"cve": [{"lastseen": "2018-07-19T11:09:04", "references": ["http://rhn.redhat.com/errata/RHSA-2015-1622.html", "http://svn.apache.org/viewvc?view=revision&revision=1644018", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "http://www.securityfocus.com/bid/74665", "http://rhn.redhat.com/errata/RHSA-2016-2046.html", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "http://svn.apache.org/viewvc?view=revision&revision=1645642", "http://www.ubuntu.com/usn/USN-2654-1", "http://rhn.redhat.com/errata/RHSA-2016-0492.html", "http://www.debian.org/security/2016/dsa-3447", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "http://www.securitytracker.com/id/1032330", "http://www.debian.org/security/2015/dsa-3428", "http://tomcat.apache.org/security-8.html", "http://marc.info/?l=bugtraq&m=145974991225029&w=2", "http://rhn.redhat.com/errata/RHSA-2015-1621.html", "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "http://tomcat.apache.org/security-6.html", "http://www.debian.org/security/2016/dsa-3530", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.ubuntu.com/usn/USN-2655-1", "http://tomcat.apache.org/security-7.html"], "description": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", "edition": 4, "reporter": "NVD", "published": "2015-06-07T19:59:03", "title": "CVE-2014-7810", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7810"], "scanner": [], "modified": "2018-07-18T21:29:01", "cpe": ["cpe:/a:apache:tomcat:6.0.16", "cpe:/a:apache:tomcat:7.0.11", "cpe:/a:apache:tomcat:6.0.2:alpha", "cpe:/a:apache:tomcat:8.0.0:rc10", "cpe:/a:apache:tomcat:6.0.7:alpha", "cpe:/a:apache:tomcat:7.0.50", "cpe:/a:apache:tomcat:6.0.32", "cpe:/a:apache:tomcat:6.0.7", "cpe:/a:apache:tomcat:6.0.33", "cpe:/a:apache:tomcat:7.0.40", "cpe:/a:apache:tomcat:6.0.0", "cpe:/a:apache:tomcat:6.0.8:alpha", "cpe:/a:apache:tomcat:6.0.4", "cpe:/a:apache:tomcat:7.0.35", "cpe:/a:apache:tomcat:6.0.10", "cpe:/a:apache:tomcat:7.0.29", "cpe:/a:apache:tomcat:6.0.5", "cpe:/a:apache:tomcat:7.0.54", "cpe:/a:apache:tomcat:7.0.52", "cpe:/a:apache:tomcat:6.0.20", "cpe:/a:apache:tomcat:6.0.6", "cpe:/a:apache:tomcat:7.0.42", "cpe:/a:apache:tomcat:7.0.16", "cpe:/a:apache:tomcat:7.0.32", "cpe:/a:apache:tomcat:7.0.41", "cpe:/a:apache:tomcat:7.0.49", "cpe:/a:apache:tomcat:8.0.0:rc1", "cpe:/a:apache:tomcat:6.0.28", "cpe:/a:apache:tomcat:7.0.4", "cpe:/a:apache:tomcat:6.0.6:alpha", "cpe:/a:apache:tomcat:7.0.36", "cpe:/a:apache:tomcat:8.0.3", "cpe:/a:apache:tomcat:6.0.13", "cpe:/a:apache:tomcat:7.0.23", "cpe:/a:apache:tomcat:6.0.14", "cpe:/a:apache:tomcat:7.0.37", "cpe:/a:apache:tomcat:7.0.46", "cpe:/a:apache:tomcat:6.0.9:beta", "cpe:/a:apache:tomcat:6.0.41", "cpe:/a:apache:tomcat:7.0.20", "cpe:/a:apache:tomcat:7.0.3", "cpe:/a:apache:tomcat:7.0.48", "cpe:/a:apache:tomcat:7.0.7", "cpe:/a:apache:tomcat:6.0.29", "cpe:/a:apache:tomcat:7.0.24", "cpe:/a:apache:tomcat:8.0.12", "cpe:/a:apache:tomcat:7.0.28", "cpe:/a:apache:tomcat:7.0.44", "cpe:/a:apache:tomcat:7.0.27", "cpe:/a:apache:tomcat:6.0.19", "cpe:/a:apache:tomcat:6.0.12", "cpe:/a:apache:tomcat:8.0.9", "cpe:/a:apache:tomcat:7.0.45", "cpe:/a:apache:tomcat:7.0.13", "cpe:/a:apache:tomcat:7.0.0:beta", "cpe:/a:apache:tomcat:8.0.8", "cpe:/a:apache:tomcat:7.0.0", "cpe:/a:apache:tomcat:6.0.11", "cpe:/a:apache:tomcat:6.0.37", "cpe:/a:apache:tomcat:6.0.4:alpha", "cpe:/a:apache:tomcat:7.0.15", "cpe:/a:apache:tomcat:7.0.2", "cpe:/a:apache:tomcat:7.0.25", "cpe:/a:apache:tomcat:8.0.5", "cpe:/a:apache:tomcat:6.0.43", "cpe:/a:apache:tomcat:7.0.12", "cpe:/a:apache:tomcat:7.0.2:beta", "cpe:/a:apache:tomcat:6.0.8", "cpe:/a:apache:tomcat:7.0.38", "cpe:/a:apache:tomcat:7.0.18", "cpe:/a:apache:tomcat:6.0.26", "cpe:/a:apache:tomcat:7.0.30", "cpe:/a:apache:tomcat:7.0.22", "cpe:/a:apache:tomcat:7.0.26", "cpe:/a:apache:tomcat:7.0.56", "cpe:/a:apache:tomcat:6.0.2", "cpe:/a:apache:tomcat:6.0.1", "cpe:/a:apache:tomcat:7.0.19", "cpe:/a:apache:tomcat:7.0.33", "cpe:/a:apache:tomcat:8.0.15", "cpe:/a:apache:tomcat:7.0.17", "cpe:/a:apache:tomcat:7.0.55", "cpe:/a:apache:tomcat:7.0.5", "cpe:/a:apache:tomcat:8.0.14", "cpe:/a:apache:tomcat:7.0.53", "cpe:/a:apache:tomcat:8.0.11", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:apache:tomcat:8.0.0:rc5", "cpe:/a:apache:tomcat:7.0.39", "cpe:/a:apache:tomcat:7.0.9", "cpe:/a:apache:tomcat:6.0.31", "cpe:/a:apache:tomcat:7.0.1", "cpe:/a:apache:tomcat:6.0.24", "cpe:/a:apache:tomcat:6.0.39", "cpe:/a:apache:tomcat:7.0.8", "cpe:/a:apache:tomcat:7.0.47", "cpe:/a:apache:tomcat:7.0.34", "cpe:/a:apache:tomcat:6.0.36", "cpe:/a:apache:tomcat:6.0.7:beta", "cpe:/a:apache:tomcat:7.0.6", "cpe:/a:apache:tomcat:7.0.14", "cpe:/a:apache:tomcat:6.0.35", "cpe:/a:apache:tomcat:6.0.17", "cpe:/a:apache:tomcat:6.0.27", "cpe:/a:apache:tomcat:6.0.2:beta", "cpe:/a:apache:tomcat:7.0.21", "cpe:/a:apache:tomcat:6.0.3", "cpe:/a:apache:tomcat:6.0.0:alpha", "cpe:/a:apache:tomcat:6.0.15", "cpe:/a:apache:tomcat:6.0.18", "cpe:/a:apache:tomcat:7.0.4:beta", "cpe:/a:apache:tomcat:8.0.0:rc2", "cpe:/a:apache:tomcat:6.0.1:alpha", "cpe:/a:apache:tomcat:7.0.57", "cpe:/a:apache:tomcat:7.0.10", "cpe:/a:apache:tomcat:7.0.31", "cpe:/a:apache:tomcat:8.0.1", "cpe:/a:apache:tomcat:6.0.30", "cpe:/a:apache:tomcat:6.0.9", "cpe:/a:apache:tomcat:7.0.43"], "id": "CVE-2014-7810", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7810", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "f5": [{"lastseen": "2016-10-23T21:23:55", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nMitigation\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network and limit shell access to only trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2016-10-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "f5", "title": "SOL38110373 - Apache Tomcat vulnerability CVE-2014-7810", "bulletinFamily": "software", "affectedSoftware": [{"name": "Traffix SDC", "version": "4.4.0", "operator": "le"}, {"name": "ARX", "version": "6.4.0", "operator": "le"}], "cvelist": ["CVE-2014-7810"], "modified": "2016-10-23T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/38/sol38110373.html", "id": "SOL38110373", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-06-08T00:16:06", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned ID 466436 (ARX), and INSTALLER-2786 (Traffix) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1| Not vulnerable \n\n| None \nARX| 6.2.0 - 6.4.0| None| Low| Apache Tomcat / WebUI \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0| 5.0.0| Low| WebUI\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network and limit shell access to only trusted users.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "reporter": "f5", "published": "2016-10-23T20:28:00", "title": "Apache Tomcat vulnerability CVE-2014-7810", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2014-7810"], "modified": "2016-10-23T20:28:00", "id": "F5:K38110373", "href": "https://support.f5.com/csp/article/K38110373", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:59", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\nCVE-2014-7810 Security Manager Bypass\r\n\r\nSeverity: Moderate\r\n\r\nVendor: The Apache Software Foundation\r\n\r\nVersions Affected:\r\n- - Apache Tomcat 8.0.0-RC1 to 8.0.15\r\n- - Apache Tomcat 7.0.0 to 7.0.57\r\n- - Apache Tomcat 6.0.0 to 6.0.43\r\n\r\nDescription:\r\nMalicious web applications could use expression language to bypass the\r\nprotections of a Security Manager as expressions were evaluated within\r\na privileged code section.\r\nThis issue only affects installations that run web applications from\r\nuntrusted sources.\r\n\r\nMitigation:\r\nUsers of affected versions should apply one of the following mitigations\r\n- - Upgrade to Apache Tomcat 8.0.17 or later\r\n &#40;8.0.16 has the fix but was not released&#41;\r\n- - Upgrade to Apache Tomcat 7.0.59 or later\r\n &#40;7.0.58 has the fix but was not released&#41;\r\n- - Upgrade to Apache Tomcat 6.0.44 or later\r\n\r\n\r\nCredit:\r\nThis issue was discovered by the Apache Tomcat security team.\r\n\r\nReferences:\r\n[1] http://tomcat.apache.org/security-8.html\r\n[2] http://tomcat.apache.org/security-7.html\r\n[3] http://tomcat.apache.org/security-6.html\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2\r\n\r\niQIcBAEBCAAGBQJVVKsbAAoJEBDAHFovYFnnTkYQAMos6+1kaJ+d+h0oGeiG7CDV\r\nPxcQ/AS0LdqXZuC92dXYNv+eQTB+pD0N9ePIyIMwsyEzeS2KGyOw5R8Klsro6lcq\r\neYKH8Tv7egIzKO9dRCqhyWTytl73KPf0h6z4nnVHr/rTJ2/7pJX6x+7fjey5jcO+\r\nG7kCQErj6bnNzgeMM/mLLVlM7YYrbA5hbQgplCdgRO5NpxaL+3raaJ19/gFZKjP3\r\nMqgwg/6uopkgxTFRh8Fprj6tdoPBXZ6Vxy3qJmcuOCt0yktaypqFPLTH+JM6pnme\r\n6/Mdk4u6PhKyGPPlmvrub0priFl32tEyJNBkghHJd2QkYkZrM6t3wcOsgUawPJxZ\r\nhJrq+nJ7CJ3FUzcj9o05M4Q/TJ7seOurhPXF8YMIPn7ibrSb1Eq2Y0yZe/NGij/k\r\ndOZX5m3I62HeS1zjCIcIhKx9i6ZFTvfoe8/bF6/LPgAqfy2AB8+HBrRGVfqUh/QB\r\nw3AdDX7BxDWJKVgz9YknJG9keuR0tLV+MOI0M0LS9LHj9wAiunmq/+x03ZUX+coc\r\nbtTrKnSuZq5sjmX5Xj7rilrSlq1GftGMnQyxOHiIzjCR9b59yS/BX/OkprrFXIAM\r\nNd42B7vxWubKuOhXlyMlDt4QpnM3RsAFaD3irNc3LAQ3kpdtvsinExr3VaCvIcJ1\r\nIETAzUe85oPF2HojrJDu\r\n=2DTj\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-05-17T00:00:00", "title": "[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:59", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-7810"], "modified": "2015-05-17T00:00:00", "id": "SECURITYVULNS:DOC:32123", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32123", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32025", "https://vulners.com/securityvulns/securityvulns:doc:32123"], "description": "Resources exhaustion, restrictions bypass.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-05-17T00:00:00", "title": "Apache Tomcat security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:00", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Tomcat", "version": "8.0", "operator": "eq"}], "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2015-05-17T00:00:00", "id": "SECURITYVULNS:VULN:14462", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14462", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:45:38", "references": ["2016:0492", "http://lists.centos.org/pipermail/centos-announce/2016-March/021766.html"], "pluginID": "1361412562310882434", "description": "Check the version of tomcat6", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-03-24T00:00:00", "title": "CentOS Update for tomcat6 CESA-2016:0492 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882434", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882434", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat6 CESA-2016:0492 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882434\");\n script_version(\"$Revision: 6658 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:51:48 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-24 06:15:02 +0100 (Thu, 24 Mar 2016)\");\n script_cve_id(\"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for tomcat6 CESA-2016:0492 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of tomcat6\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Apache Tomcat is a servlet container for \nthe Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\n\");\n script_tag(name: \"affected\", value: \"tomcat6 on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2016:0492\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2016-March/021766.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~94.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:52:41", "references": ["http://www.debian.org/security/2015/dsa-3428.html"], "pluginID": "1361412562310703428", "description": "It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.", "edition": 3, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2015-12-18T00:00:00", "title": "Debian Security Advisory DSA 3428-1 (tomcat8 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703428", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703428", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3428.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3428-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703428\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2014-7810\");\n script_name(\"Debian Security Advisory DSA 3428-1 (tomcat8 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-18 00:00:00 +0100 (Fri, 18 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3428.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat8 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java\nServlet and the JavaServer Pages (JSP) specifications from Oracle, and provides\na 'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 8.0.14-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 8.0.21-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 8.0.21-2.\n\nWe recommend that you upgrade your tomcat8 packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-22T16:40:05", "references": ["http://openwall.com/lists/oss-security/2015/04/10/1", "http://tomcat.apache.org/security-6.html", "http://tomcat.apache.org/security-7.html"], "pluginID": "1361412562310805701", "description": "This host is installed with Apache Tomcat\n and is prone to security bypass vulnerability.", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-06-16T00:00:00", "title": "Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805701", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805701", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_tomcat_securitymanager_sec_bypass_vuln_june15_lin.nasl 2015-06-16 15:04:10 +0530 Jun$\n#\n# Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Linux)\n#\n# Authors:\n# Deependra Bapna <bdeependra@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805701\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-7810\");\n script_bugtraq_id(74665);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 15:04:10 +0530 (Tue, 16 Jun 2015)\");\n script_name(\"Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Tomcat\n and is prone to security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the Expression Language\n does not properly consider the possibility of an accessible interface\n implemented by an inaccessible class.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain authentication and obtain sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat 6.x before 6.0.44,\n 7.x before 7.0.58, and 8.x before 8.0.16 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 6.0.44 or 7.0.58 or\n 8.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2015/04/10/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"ApacheTomcat/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 8080);\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!appPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!appVer = get_app_version(cpe:CPE, port:appPort)){\n exit(0);\n}\n\nif(appVer =~ \"^6\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"6.0\", test_version2:\"6.0.43\"))\n {\n fix = \"6.0.44\";\n VULN = TRUE;\n }\n}\n\nif(appVer =~ \"^7\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"7.0\", test_version2:\"7.0.57\"))\n {\n fix = \"7.0.58\";\n VULN = TRUE;\n }\n}\n\nif(appVer =~ \"^8\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"8.0\", test_version2:\"8.0.15\"))\n {\n fix = \"8.0.16\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + appVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report, port:appPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-12T12:38:22", "references": ["http://linux.oracle.com/errata/ELSA-2016-0492.html"], "pluginID": "1361412562310122909", "description": "Oracle Linux Local Security Checks ELSA-2016-0492", "edition": 6, "reporter": "Eero Volotinen", "published": "2016-03-23T00:00:00", "title": "Oracle Linux Local Check: ELSA-2016-0492", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310122909", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122909", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0492.nasl 11856 2018-10-12 07:45:29Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122909\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-23 07:08:56 +0200 (Wed, 23 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0492\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0492 - tomcat6 security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0492\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0492.html\");\n script_cve_id(\"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.24~94.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-23T15:10:12", "references": ["https://www.redhat.com/archives/rhsa-announce/2016-March/msg00057.html", "2016:0492-01"], "pluginID": "1361412562310871581", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-03-23T00:00:00", "title": "RedHat Update for tomcat6 RHSA-2016:0492-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871581", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat6 RHSA-2016:0492-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871581\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-23 06:16:59 +0100 (Wed, 23 Mar 2016)\");\n script_cve_id(\"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for tomcat6 RHSA-2016:0492-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat6'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for\nthe Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n * Previously, using a New I/O (NIO) connector in the Apache Tomcat 6\nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"tomcat6 on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0492-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-March/msg00057.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-debuginfo\", rpm:\"tomcat6-debuginfo~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.24~94.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-22T16:38:46", "references": ["http://tomcat.apache.org/security-6.html", "http://tomcat.apache.org/security-7.html"], "pluginID": "1361412562310805702", "description": "This host is installed with Apache Tomcat\n and is prone to security bypass vulnerability.", "edition": 6, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-06-16T00:00:00", "title": "Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805702", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805702", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_tomcat_securitymanager_sec_bypass_vuln_june15_win.nasl 2015-06-16 15:04:10 +0530 Jun$\n#\n# Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Windows)\n#\n# Authors:\n# Deependra Bapna <bdeependra@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805702\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-7810\");\n script_bugtraq_id(74665);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 15:04:10 +0530 (Tue, 16 Jun 2015)\");\n script_name(\"Apache Tomcat SecurityManager Security Bypass Vulnerability - Jun15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Tomcat\n and is prone to security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the Expression Language\n does not properly consider the possibility of an accessible interface\n implemented by an inaccessible class.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain authentication and obtain sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat 6.x before 6.0.44,\n 7.x before 7.0.58, and 8.x before 8.0.16 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 6.0.44 or 7.0.58 or\n 8.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"ApacheTomcat/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 8080);\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!appPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!appVer = get_app_version(cpe:CPE, port:appPort)){\n exit(0);\n}\n\nif(appVer =~ \"^6\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"6.0\", test_version2:\"6.0.43\"))\n {\n fix = \"6.0.44\";\n VULN = TRUE;\n }\n}\n\nif(appVer =~ \"^7\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"7.0\", test_version2:\"7.0.57\"))\n {\n fix = \"7.0.58\";\n VULN = TRUE;\n }\n}\n\nif(appVer =~ \"^8\\.0\")\n{\n if(version_in_range(version:appVer, test_version:\"8.0\", test_version2:\"8.0.15\"))\n {\n fix = \"8.0.16\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + appVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report, port:appPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:53:34", "references": ["http://www.debian.org/security/2015/dsa-3428.html"], "pluginID": "703428", "description": "It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.", "edition": 2, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2015-12-18T00:00:00", "title": "Debian Security Advisory DSA 3428-1 (tomcat8 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703428", "id": "OPENVAS:703428", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3428.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3428-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703428);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-7810\");\n script_name(\"Debian Security Advisory DSA 3428-1 (tomcat8 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-18 00:00:00 +0100 (Fri, 18 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3428.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat8 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java\nServlet and the JavaServer Pages (JSP) specifications from Oracle, and provides\na 'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 8.0.14-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 8.0.21-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 8.0.21-2.\n\nWe recommend that you upgrade your tomcat8 packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that malicious web\napplications could use the Expression Language to bypass protections of a Security\nManager as expressions were evaluated within a privileged code section.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.21-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-12T12:38:39", "references": ["https://alas.aws.amazon.com/ALAS-2016-656.html"], "pluginID": "1361412562310120646", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2016-03-11T00:00:00", "title": "Amazon Linux Local Check: alas-2016-656", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310120646", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120646", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-656.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120646\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-11 07:09:10 +0200 (Fri, 11 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-656\");\n script_tag(name:\"insight\", value:\"It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810 )It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230 )\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat6 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-656.html\");\n script_cve_id(\"CVE-2014-7810\", \"CVE-2014-0230\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"tomcat6-el\", rpm:\"tomcat6-el~2.1~api~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet\", rpm:\"tomcat6-servlet~2.5~api~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp\", rpm:\"tomcat6-jsp~2.1~api~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.44~1.3.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-12T12:38:16", "references": ["https://alas.aws.amazon.com/ALAS-2016-657.html"], "pluginID": "1361412562310120647", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2016-03-11T00:00:00", "title": "Amazon Linux Local Check: alas-2016-657", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5346", "CVE-2015-5174", "CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310120647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120647", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-657.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120647\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-11 07:09:11 +0200 (Fri, 11 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-657\");\n script_tag(name:\"insight\", value:\"A directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call. (CVE-2015-5174 )A session fixation vulnerability was discovered that might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request when different session settings are used for deployments of multiple versions of the same web application. (CVE-2015-5346 )It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810 )\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat7 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-657.html\");\n script_cve_id(\"CVE-2015-5174\", \"CVE-2015-5346\", \"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"tomcat7-el\", rpm:\"tomcat7-el~2.2~api~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-log4j\", rpm:\"tomcat7-log4j~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7\", rpm:\"tomcat7~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-docs-webapp\", rpm:\"tomcat7-docs-webapp~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-webapps\", rpm:\"tomcat7-webapps~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-admin-webapps\", rpm:\"tomcat7-admin-webapps~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-lib\", rpm:\"tomcat7-lib~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-jsp\", rpm:\"tomcat7-jsp~2.2~api~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-servlet\", rpm:\"tomcat7-servlet~3.0~api~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat7-javadoc\", rpm:\"tomcat7-javadoc~7.0.67~1.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-12T12:37:19", "references": ["https://alas.aws.amazon.com/ALAS-2016-658.html"], "pluginID": "1361412562310120648", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2016-03-11T00:00:00", "title": "Amazon Linux Local Check: alas-2016-658", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5345", "CVE-2015-5174", "CVE-2014-7810"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310120648", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120648", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-658.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120648\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-11 07:09:12 +0200 (Fri, 11 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-658\");\n script_tag(name:\"insight\", value:\"A directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call. (CVE-2015-5174 )The Mapper component processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. (CVE-2015-5345 )It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810 )\");\n script_tag(name:\"solution\", value:\"Run yum update tomcat8 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-658.html\");\n script_cve_id(\"CVE-2015-5174\", \"CVE-2015-5345\", \"CVE-2014-7810\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"tomcat8\", rpm:\"tomcat8~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-log4j\", rpm:\"tomcat8-log4j~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-lib\", rpm:\"tomcat8-lib~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-admin-webapps\", rpm:\"tomcat8-admin-webapps~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-javadoc\", rpm:\"tomcat8-javadoc~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-servlet\", rpm:\"tomcat8-servlet~3.1~api~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-el\", rpm:\"tomcat8-el~3.0~api~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-docs-webapp\", rpm:\"tomcat8-docs-webapp~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-jsp\", rpm:\"tomcat8-jsp~2.3~api~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"tomcat8-webapps\", rpm:\"tomcat8-webapps~8.0.30~1.57.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2018-11-11T12:44:04", "references": ["http://www.nessus.org/u?f10d8721"], "pluginID": "90121", "description": "Updated tomcat6 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 servlet resulted in a large memory leak. An upstream patch has been applied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "edition": 7, "reporter": "Tenable", "published": "2016-03-24T00:00:00", "title": "CentOS 6 : tomcat6 (CESA-2016:0492)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api", "p-cpe:/a:centos:centos:tomcat6-el-2.1-api", "p-cpe:/a:centos:centos:tomcat6-lib", "p-cpe:/a:centos:centos:tomcat6-docs-webapp", "p-cpe:/a:centos:centos:tomcat6-webapps", "p-cpe:/a:centos:centos:tomcat6-admin-webapps", "p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api", "p-cpe:/a:centos:centos:tomcat6-javadoc", "p-cpe:/a:centos:centos:tomcat6"], "id": "CENTOS_RHSA-2016-0492.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90121", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0492 and \n# CentOS Errata and Security Advisory 2016:0492 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90121);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"RHSA\", value:\"2016:0492\");\n\n script_name(english:\"CentOS 6 : tomcat6 (CESA-2016:0492)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6\nservlet resulted in a large memory leak. An upstream patch has been\napplied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. Tomcat must\nbe restarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021766.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f10d8721\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-13T17:05:47", "references": ["https://security-tracker.debian.org/tracker/CVE-2014-0227", "https://packages.debian.org/source/jessie/tomcat7", "https://packages.debian.org/source/wheezy/tomcat7", "https://www.debian.org/security/2016/dsa-3447", "https://security-tracker.debian.org/tracker/CVE-2014-0075", "https://security-tracker.debian.org/tracker/CVE-2014-0099", "https://security-tracker.debian.org/tracker/CVE-2013-4444", "https://security-tracker.debian.org/tracker/CVE-2014-0230"], "pluginID": "87979", "description": "It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 6, "reporter": "Tenable", "published": "2016-01-19T00:00:00", "title": "Debian DSA-3447-1 : tomcat7 - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:tomcat7"], "id": "DEBIAN_DSA-3447.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87979", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3447. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87979);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"DSA\", value:\"3447\");\n\n script_name(english:\"Debian DSA-3447-1 : tomcat7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tomcat7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3447\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat7 packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\nCVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and\nCVE-2014-0230, which were all fixed for the stable distribution\n(jessie) already.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libservlet3.0-java\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libservlet3.0-java-doc\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtomcat7-java\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-admin\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-common\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-docs\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-examples\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tomcat7-user\", reference:\"7.0.28-4+deb7u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java-doc\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat7-java\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-admin\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-common\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-docs\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-examples\", reference:\"7.0.56-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-user\", reference:\"7.0.56-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-13T16:53:40", "references": ["https://access.redhat.com/security/cve/cve-2014-7810", "http://www.nessus.org/u?fc7e8cfb", "https://access.redhat.com/errata/RHSA-2016:0492"], "pluginID": "90115", "description": "Updated tomcat6 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 servlet resulted in a large memory leak. An upstream patch has been applied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "edition": 8, "reporter": "Tenable", "published": "2016-03-23T00:00:00", "title": "RHEL 6 : tomcat6 (RHSA-2016:0492)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "cpe:/o:redhat:enterprise_linux:6.7", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-debuginfo", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api"], "id": "REDHAT-RHSA-2016-0492.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90115", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0492. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90115);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:55\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"RHSA\", value:\"2016:0492\");\n\n script_name(english:\"RHEL 6 : tomcat6 (RHSA-2016:0492)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6\nservlet resulted in a large memory leak. An upstream patch has been\napplied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. Tomcat must\nbe restarted for this update to take effect.\"\n );\n # https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc7e8cfb\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0492\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7810\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0492\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-debuginfo-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-debuginfo-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-debuginfo-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-02T00:11:21", "references": ["https://oss.oracle.com/pipermail/el-errata/2016-March/005893.html"], "pluginID": "90111", "description": "From Red Hat Security Advisory 2016:0492 :\n\nUpdated tomcat6 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 servlet resulted in a large memory leak. An upstream patch has been applied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.", "edition": 5, "reporter": "Tenable", "published": "2016-03-23T00:00:00", "title": "Oracle Linux 6 : tomcat6 (ELSA-2016-0492)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-07-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api", "p-cpe:/a:oracle:linux:tomcat6-lib", "p-cpe:/a:oracle:linux:tomcat6-el-2.1-api", "p-cpe:/a:oracle:linux:tomcat6-webapps", "p-cpe:/a:oracle:linux:tomcat6-admin-webapps", "p-cpe:/a:oracle:linux:tomcat6-javadoc", "p-cpe:/a:oracle:linux:tomcat6", "p-cpe:/a:oracle:linux:tomcat6-docs-webapp", "p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api"], "id": "ORACLELINUX_ELSA-2016-0492.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90111", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0492 and \n# Oracle Linux Security Advisory ELSA-2016-0492 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90111);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/07/24 18:56:12\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_xref(name:\"RHSA\", value:\"2016:0492\");\n\n script_name(english:\"Oracle Linux 6 : tomcat6 (ELSA-2016-0492)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:0492 :\n\nUpdated tomcat6 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6\nservlet resulted in a large memory leak. An upstream patch has been\napplied to fix this bug, and the memory leak no longer occurs.\n(BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. Tomcat must\nbe restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005893.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-17T02:56:55", "references": ["https://seclists.org/bugtraq/2015/May/94", "http://www.nessus.org/u?edd653ec", "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"], "pluginID": "83764", "description": "According to its self-reported version number, the Apache Tomcat server listening on the remote host is 7.0.x prior to 7.0.59. It is, therefore, affected by a security bypass vulnerability due to a flaw that occurs when handling expression language. A remote attacker can exploit this, via a crafted web application, to bypass the security manager protection and execute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 8, "reporter": "Tenable", "published": "2015-05-21T00:00:00", "title": "Apache Tomcat 7.0.x < 7.0.59 Security Manager Bypass", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_7_0_59.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83764", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83764);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_bugtraq_id(74665);\n\n script_name(english:\"Apache Tomcat 7.0.x < 7.0.59 Security Manager Bypass\");\n script_summary(english:\"Checks the Apache Tomcat Version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a security bypass\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Apache Tomcat\nserver listening on the remote host is 7.0.x prior to 7.0.59. It is,\ntherefore, affected by a security bypass vulnerability due to a flaw\nthat occurs when handling expression language. A remote attacker can\nexploit this, via a crafted web application, to bypass the security\nmanager protection and execute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # http://tomcat.apache.org/tomcat-7.0-doc/changelog.html#Tomcat_7.0.58_(violetagg)\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?edd653ec\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2015/May/94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 7.0.59 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"tomcat_error_version.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_require_keys(\"installed_sw/Apache Tomcat\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"7.0.58\", min:\"7.0.0\", severity:SECURITY_WARNING, granularity_regex:\"^7(\\.0)?$\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:39:06", "references": ["http://www.nessus.org/u?85e746b4"], "pluginID": "90146", "description": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n - Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 servlet resulted in a large memory leak.\n An upstream patch has been applied to fix this bug, and the memory leak no longer occurs.\n\nTomcat must be restarted for this update to take effect.", "edition": 4, "reporter": "Tenable", "published": "2016-03-24T00:00:00", "title": "Scientific Linux Security Update : tomcat6 on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2016-03-24T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20160323_TOMCAT6_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90146);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2016/03/24 14:02:01 $\");\n\n script_cve_id(\"CVE-2014-7810\");\n\n script_name(english:\"Scientific Linux Security Update : tomcat6 on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nThis update also fixes the following bug :\n\n - Previously, using a New I/O (NIO) connector in the\n Apache Tomcat 6 servlet resulted in a large memory leak.\n An upstream patch has been applied to fix this bug, and\n the memory leak no longer occurs.\n\nTomcat must be restarted for this update to take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1603&L=scientific-linux-errata&F=&S=&P=13333\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85e746b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-admin-webapps-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-debuginfo-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-docs-webapp-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-el-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-javadoc-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-jsp-2.1-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-lib-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-servlet-2.5-api-6.0.24-94.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tomcat6-webapps-6.0.24-94.el6_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-17T03:02:23", "references": ["https://seclists.org/bugtraq/2015/May/94", "http://www.nessus.org/u?20b9636e", "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"], "pluginID": "83765", "description": "According to its self-reported version number, the Apache Tomcat server listening on the remote host is 8.0.x prior to 8.0.17. It is, therefore, affected by a security bypass vulnerability due to a flaw that occurs when handling expression language. A remote attacker can exploit this, via a crafted web application, to bypass the security manager protection and execute arbitrary code.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "edition": 8, "reporter": "Tenable", "published": "2015-05-21T00:00:00", "title": "Apache Tomcat 8.0.x < 8.0.17 Security Manager Bypass", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7810"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_8_0_17.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83765", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83765);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\"CVE-2014-7810\");\n script_bugtraq_id(74665);\n\n script_name(english:\"Apache Tomcat 8.0.x < 8.0.17 Security Manager Bypass\");\n script_summary(english:\"Checks the Apache Tomcat Version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a security bypass\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Apache Tomcat\nserver listening on the remote host is 8.0.x prior to 8.0.17. It is,\ntherefore, affected by a security bypass vulnerability due to a flaw\nthat occurs when handling expression language. A remote attacker can\nexploit this, via a crafted web application, to bypass the security\nmanager protection and execute arbitrary code.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\");\n # http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.16_(markt)\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20b9636e\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2015/May/94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 8.0.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"tomcat_error_version.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_require_keys(\"installed_sw/Apache Tomcat\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"8.0.16\", min:\"8.0.0\", severity:SECURITY_WARNING, granularity_regex:\"^8(\\.0)?$\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-02T00:08:14", "references": ["https://alas.aws.amazon.com/ALAS-2016-656.html"], "pluginID": "89837", "description": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230)", "edition": 5, "reporter": "Tenable", "published": "2016-03-11T00:00:00", "title": "Amazon Linux AMI : tomcat6 (ALAS-2016-656)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:tomcat6-admin-webapps", "p-cpe:/a:amazon:linux:tomcat6-webapps", "p-cpe:/a:amazon:linux:tomcat6-lib", "p-cpe:/a:amazon:linux:tomcat6-servlet-2.5-api", "p-cpe:/a:amazon:linux:tomcat6-javadoc", "p-cpe:/a:amazon:linux:tomcat6-jsp-2.1-api", "p-cpe:/a:amazon:linux:tomcat6", "p-cpe:/a:amazon:linux:tomcat6-docs-webapp", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:tomcat6-el-2.1-api"], "id": "ALA_ALAS-2016-656.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=89837", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-656.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89837);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0230\", \"CVE-2014-7810\");\n script_xref(name:\"ALAS\", value:\"2016-656\");\n\n script_name(english:\"Amazon Linux AMI : tomcat6 (ALAS-2016-656)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections\nand preventing further, legitimate connections to the Tomcat server to\nbe made. (CVE-2014-0230)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-656.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update tomcat6' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-admin-webapps-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-docs-webapp-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-el-2.1-api-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-javadoc-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-jsp-2.1-api-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-lib-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-servlet-2.5-api-6.0.44-1.3.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat6-webapps-6.0.44-1.3.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:45:55", "references": ["http://www.nessus.org/u?fc7e8cfb", "http://www.nessus.org/u?9a2c54fd"], "pluginID": "84201", "description": "Apache Software Foundation reports :\n\nLow: Denial of Service CVE-2014-0230\n\nWhen a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the size of request body that Tomcat would swallow. This permitted a limited Denial of Service as Tomcat would never close the connection and a processing thread would remain allocated to the connection.\n\nModerate: Security Manager bypass CVE-2014-7810\n\nMalicious web applications could use expression language to bypass the protections of a Security Manager as expressions were evaluated within a privileged code section.", "edition": 6, "reporter": "Tenable", "published": "2015-06-16T00:00:00", "title": "FreeBSD : tomcat -- multiple vulnerabilities (25e0593d-13c0-11e5-9afb-3c970e169bc2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:hadoop2", "p-cpe:/a:freebsd:freebsd:oozie", "p-cpe:/a:freebsd:freebsd:tomcat", "p-cpe:/a:freebsd:freebsd:tomcat8", "p-cpe:/a:freebsd:freebsd:tomcat7"], "id": "FREEBSD_PKG_25E0593D13C011E59AFB3C970E169BC2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84201", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84201);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:44\");\n\n script_cve_id(\"CVE-2014-0230\", \"CVE-2014-7810\");\n\n script_name(english:\"FreeBSD : tomcat -- multiple vulnerabilities (25e0593d-13c0-11e5-9afb-3c970e169bc2)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache Software Foundation reports :\n\nLow: Denial of Service CVE-2014-0230\n\nWhen a response for a request with a request body is returned to the\nuser agent before the request body is fully read, by default Tomcat\nswallows the remaining request body so that the next request on the\nconnection may be processed. There was no limit to the size of request\nbody that Tomcat would swallow. This permitted a limited Denial of\nService as Tomcat would never close the connection and a processing\nthread would remain allocated to the connection.\n\nModerate: Security Manager bypass CVE-2014-7810\n\nMalicious web applications could use expression language to bypass the\nprotections of a Security Manager as expressions were evaluated within\na privileged code section.\"\n );\n # https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc7e8cfb\"\n );\n # https://vuxml.freebsd.org/freebsd/25e0593d-13c0-11e5-9afb-3c970e169bc2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a2c54fd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:hadoop2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:oozie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"tomcat<6.0.44\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tomcat7<7.0.55\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tomcat8<8.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"hadoop2<=2.6.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"oozie<=4.1.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-15T04:03:49", "references": ["https://access.redhat.com/security/cve/cve-2014-7810", "https://access.redhat.com/security/cve/cve-2014-0230", "https://access.redhat.com/errata/RHSA-2015:1622"], "pluginID": "85441", "description": "Updated tomcat6 and tomcat7 packages that fix two security issues are now available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat Customer Portal are advised to apply this update. The Red Hat JBoss Web Server process must be restarted for the update to take effect.", "edition": 10, "reporter": "Tenable", "published": "2015-08-17T00:00:00", "title": "RHEL 6 / 7 : JBoss Web Server (RHSA-2015:1622)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2018-12-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api"], "id": "REDHAT-RHSA-2015-1622.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85441", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1622. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85441);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2018/12/14 9:50:14\");\n\n script_cve_id(\"CVE-2014-0230\", \"CVE-2014-7810\");\n script_xref(name:\"RHSA\", value:\"2015:1622\");\n\n script_name(english:\"RHEL 6 / 7 : JBoss Web Server (RHSA-2015:1622)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 and tomcat7 packages that fix two security issues are\nnow available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise\nLinux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library.\n\nIt was found that the expression language resolver evaluated\nexpressions within a privileged code section. A malicious web\napplication could use this flaw to bypass security manager\nprotections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections\nand preventing further, legitimate connections to the Tomcat server to\nbe made. (CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red\nHat Customer Portal are advised to apply this update. The Red Hat\nJBoss Web Server process must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7810\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1622\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"jws-2\") || rpm_exists(release:\"RHEL7\", rpm:\"jws-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-2.1-api-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-maven-devel-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.41-15_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-2.2-api-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-maven-devel-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.54-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.54-19_patch_04.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-admin-webapps-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-docs-webapp-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-el-2.1-api-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-javadoc-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-jsp-2.1-api-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-lib-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-log4j-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-maven-devel-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-servlet-2.5-api-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-webapps-6.0.41-15_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-admin-webapps-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-docs-webapp-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-el-2.2-api-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-javadoc-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-jsp-2.2-api-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-lib-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-log4j-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-maven-devel-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-servlet-3.0-api-7.0.54-20_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-webapps-7.0.54-20_patch_04.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:13", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-javadoc-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-docs-webapp-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-docs-webapp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-el-2.1-api-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-el-2.1-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-servlet-2.5-api-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-servlet-2.5-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "src", "packageFilename": "tomcat6-6.0.24-94.el6_7.src.rpm", "packageName": "tomcat6", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-admin-webapps-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-webapps-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-lib-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageFilename": "tomcat6-jsp-2.1-api-6.0.24-94.el6_7.x86_64.rpm", "packageName": "tomcat6-jsp-2.1-api", "operator": "lt"}], "description": "[0:6.0.24-94]\n- Resolves: rhbz#1293289 CVE-2014-7810 tomcat6 security manager bypass via EL expressions\n[0:6.0.24-93]\n- Resolves: rhbz#1301646 Resolving NIO connector memory leak", "edition": 3, "reporter": "Oracle", "published": "2016-03-22T00:00:00", "title": "tomcat6 security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810"], "modified": "2016-03-22T00:00:00", "id": "ELSA-2016-0492", "href": "http://linux.oracle.com/errata/ELSA-2016-0492.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T01:45:40", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-lib-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-jsvc-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-jsvc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-servlet-3.0-api-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-servlet-3.0-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-docs-webapp-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-docs-webapp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-admin-webapps-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-jsp-2.2-api-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-jsp-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-webapps-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-el-2.2-api-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-el-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "src", "packageFilename": "tomcat-7.0.54-8.el7_2.src.rpm", "packageName": "tomcat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageFilename": "tomcat-javadoc-7.0.54-8.el7_2.noarch.rpm", "packageName": "tomcat-javadoc", "operator": "lt"}], "description": "[0:7.0.54-8]\n- Resolves: rhbz#1368121\n[0:7.0.54-7]\n- Resolves: rhbz#1362212 Tomcat: CGI sets environmental variable based on user supplied Proxy request header\n- Resolves: rhbz#1368121\n[0:7.0.54-5]\n- Resolves: rhbz#1362567\n[0:7.0.54-4]\n- Resolves: CVE-2015-5346\n[0:7.0.54-3]\n- Resolves: CVE-2014-7810", "edition": 3, "reporter": "Oracle", "published": "2016-10-10T00:00:00", "title": "tomcat security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-5425", "CVE-2016-6325", "CVE-2016-5388", "CVE-2015-5346", "CVE-2014-7810"], "modified": "2016-10-10T00:00:00", "id": "ELSA-2016-2046", "href": "http://linux.oracle.com/errata/ELSA-2016-2046.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:38:16", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-admin-webapps-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-el-2.2-api-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-el-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "src", "packageFilename": "tomcat-7.0.69-10.el7.src.rpm", "packageName": "tomcat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-docs-webapp-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-docs-webapp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-jsp-2.2-api-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-jsp-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-jsvc-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-jsvc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-lib-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-servlet-3.0-api-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-servlet-3.0-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-webapps-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.69-10.el7", "arch": "noarch", "packageFilename": "tomcat-javadoc-7.0.69-10.el7.noarch.rpm", "packageName": "tomcat-javadoc", "operator": "lt"}], "description": "[0:7.0.69-10]\n- Related: rhbz#1368122\n[0:7.0.69-9]\n- Resolves: rhbz#1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header\n- Resolves: rhbz#1368122\n[0:7.0.69-7]\n- Resolves: rhbz#1362545\n[0:7.0.69-6]\n- Related: rhbz#1201409 Added /etc/sysconfig/tomcat to the systemd unit for tomcat-jsvc.service\n[0:7.0.69-5]\n- Resolves: rhbz#1347860 The systemd service unit does not allow tomcat to shut down gracefully\n[0:7.0.69-4]\n- Resolves: rhbz#1350438 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service\n[0:7.0.69-3]\n- Resolves: rhbz#1347774 The security manager doesn't work correctly (JSPs cannot be compiled)\n[0:7.0.69-2]\n- Rebase Resolves: rhbz#1311622 Getting NoSuchElementException while handling attributes with empty string value in tomcat\n- Rebase Resolves: rhbz#1320853 Add HSTS support\n- Rebase Resolves: rhbz#1293292 CVE-2014-7810 tomcat: Tomcat/JBossWeb: security manager bypass via EL expressions\n- Rebase Resolves: rhbz#1347144 CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet\n- Rebase Resolves: rhbz#1347139 CVE-2015-5346 tomcat: Session fixation\n- Rebase Resolves: rhbz#1347136 CVE-2015-5345 tomcat: directory disclosure\n- Rebase Resolves: rhbz#1347129 CVE-2015-5174 tomcat: URL Normalization issue\n- Rebase Resolves: rhbz#1347146 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()\n- Rebase Resolves: rhbz#1347142 CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms\n- Rebase Resolves: rhbz#1347133 CVE-2015-5351 tomcat: CSRF token leak\n[0:7.0.69-1]\n- Resolves: rhbz#1287928 Rebase to tomcat 7.0.69\n- Resolves: rhbz#1327326 rpm -V tomcat fails on /var/log/tomcat/catalina.out\n- Resolves: rhbz#1277197 tomcat user has non-existing default shell set\n- Resolves: rhbz#1240279 The command tomcat-digest doesn't work with RHEL 7\n- Resolves: rhbz#1229476 Tomcat startup ONLY options\n- Resolves: rhbz#1133070 Need to include full implementation of tomcat-juli.jar and tomcat-juli-adapters.jar\n- Resolves: rhbz#1201409 Fix the broken tomcat-jsvc service unit\n- Resolves: rhbz#1221896 tomcat.service loads /etc/sysconfig/tomcat without shell expansion\n- Resolves: rhbz#1208402 Mark web.xml in tomcat-admin-webapps as config file", "edition": 3, "reporter": "Oracle", "published": "2016-11-09T00:00:00", "title": "tomcat security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5351", "CVE-2016-0714", "CVE-2016-3092", "CVE-2015-5345", "CVE-2016-0763", "CVE-2015-5346", "CVE-2015-5174", "CVE-2014-7810", "CVE-2016-0706"], "modified": "2016-11-09T00:00:00", "id": "ELSA-2016-2599", "href": "http://linux.oracle.com/errata/ELSA-2016-2599.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:11", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-docs-webapp-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-docs-webapp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-admin-webapps-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-admin-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-javadoc-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-javadoc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "src", "packageFilename": "tomcat-7.0.76-2.el7.src.rpm", "packageName": "tomcat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-el-2.2-api-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-el-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-lib-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-lib", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-jsp-2.2-api-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-jsp-2.2-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-servlet-3.0-api-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-servlet-3.0-api", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-jsvc-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-jsvc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-webapps-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat-webapps", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "7.0.76-2.el7", "arch": "noarch", "packageFilename": "tomcat-7.0.76-2.el7.noarch.rpm", "packageName": "tomcat", "operator": "lt"}], "description": "[0:7.0.76-2]\n- Resolves: rhbz#1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism\n- Resolves: rhbz#1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used\n[0:7.0.76-1]\n- Resolves: rhbz#1414895 Rebase tomcat to the current release\n[0:7.0.69-10]\n- Related: rhbz#1368122\n[0:7.0.69-9]\n- Resolves: rhbz#1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header\n- Resolves: rhbz#1368122\n[0:7.0.69-7]\n- Resolves: rhbz#1362545\n[0:7.0.69-6]\n- Related: rhbz#1201409 Added /etc/sysconfig/tomcat to the systemd unit for tomcat-jsvc.service\n[0:7.0.69-5]\n- Resolves: rhbz#1347860 The systemd service unit does not allow tomcat to shut down gracefully\n[0:7.0.69-4]\n- Resolves: rhbz#1350438 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service\n[0:7.0.69-3]\n- Resolves: rhbz#1347774 The security manager doesn't work correctly (JSPs cannot be compiled)\n[0:7.0.69-2]\n- Rebase Resolves: rhbz#1311622 Getting NoSuchElementException while handling attributes with empty string value in tomcat\n- Rebase Resolves: rhbz#1320853 Add HSTS support\n- Rebase Resolves: rhbz#1293292 CVE-2014-7810 tomcat: Tomcat/JBossWeb: security manager bypass via EL expressions\n- Rebase Resolves: rhbz#1347144 CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet\n- Rebase Resolves: rhbz#1347139 CVE-2015-5346 tomcat: Session fixation\n- Rebase Resolves: rhbz#1347136 CVE-2015-5345 tomcat: directory disclosure\n- Rebase Resolves: rhbz#1347129 CVE-2015-5174 tomcat: URL Normalization issue\n- Rebase Resolves: rhbz#1347146 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()\n- Rebase Resolves: rhbz#1347142 CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms\n- Rebase Resolves: rhbz#1347133 CVE-2015-5351 tomcat: CSRF token leak\n[0:7.0.69-1]\n- Resolves: rhbz#1287928 Rebase to tomcat 7.0.69\n- Resolves: rhbz#1327326 rpm -V tomcat fails on /var/log/tomcat/catalina.out\n- Resolves: rhbz#1277197 tomcat user has non-existing default shell set\n- Resolves: rhbz#1240279 The command tomcat-digest doesn't work with RHEL 7\n- Resolves: rhbz#1229476 Tomcat startup ONLY options\n- Resolves: rhbz#1133070 Need to include full implementation of tomcat-juli.jar and tomcat-juli-adapters.jar\n- Resolves: rhbz#1201409 Fix the broken tomcat-jsvc service unit\n- Resolves: rhbz#1221896 tomcat.service loads /etc/sysconfig/tomcat without shell expansion\n- Resolves: rhbz#1208402 Mark web.xml in tomcat-admin-webapps as config file\n[0:7.0.54-2]\n- Resolves: CVE-2014-0227\n[0:7.0.54-1]\n- Resolves: rhbz#1141372 - Remove systemv artifacts. Add new systemd\n- artifacts. Rebase on 7.0.54.\n[0:7.0.43-6]\n- Resolves: CVE-2014-0099\n- Resolves: CVE-2014-0096\n- Resolves: CVE-2014-0075\n[0:7.0.42-5]\n- Related: CVE-2013-4286\n- Related: CVE-2013-4322\n- Related: CVE-2014-0050\n- revisit patches for above.\n[0:7.0.42-4]\n- Related: rhbz#1056696 correct packaging for sbin tomcat\n[0:7.0.42-3]\n- Related: CVE-2013-4286. increment build number. missed doing\n- it.\n- Resolves: rhbz#1038183 remove BR for ant-nodeps. it's\n- no long used.\n[0:7.0.42-2]\n- Resolves: rhbz#1056673 Invocation of useradd with shell\n- other than sbin nologin\n- Resolves: rhbz#1056677 preun systemv scriptlet unconditionally\n- stops service\n- Resolves: rhbz#1056696 init.d tomcat does not conform to RHEL7\n- systemd rules. systemv subpackage is removed.\n- Resolves: CVE-2013-4286\n- Resolves: CVE-2013-4322\n- Resolves: CVE-2014-0050\n- Built for rhel-7 RC\n[0:7.0.42-1]\n- Resolves: rhbz#1051657 update to 7.0.42. Ant-nodeps is\n- deprecated.\n[07.0.40-3]\n- Mass rebuild 2013-12-27\n[0:7.0.40-1]\n- Updated to 7.0.40\n- Resolves: rhbz 956569 added missing commons-pool link\n[0:7.0.37-2]\n- Add depmaps for org.eclipse.jetty.orbit\n- Resolves: rhbz#917626\n[0:7.0.39-1]\n- Updated to 7.0.39\n[0:7.0.37-1]\n- Updated to 7.0.37\n[0:7.0.35-1]\n- Updated to 7.0.35\n- systemd SuccessExitStatus=143 for proper stop exit code processing\n[0:7.0.34-1]\n- Updated to 7.0.34\n- ecj >= 4.2.1 now required\n- Resolves: rhbz 889395 concat classpath correctly; chdir to \n[0:7.0.33-2]\n- Resolves: rhbz 883806 refix logdir ownership\n[0:7.0.33-1]\n- Updated to 7.0.33\n- Resolves: rhbz 873620 need chkconfig for update-alternatives\n[0:7.0.32-1]\n- Updated to 7.0.32\n- Resolves: rhbz 842620 symlinks to taglibs\n[0:7.0.29-1]\n- Updated to 7.0.29\n- Add pidfile as tmpfile\n- Use systemd for running as unprivileged user\n- Resolves: rhbz 847751 upgrade path was broken\n- Resolves: rhbz 850343 use new systemd-rpm macros\n[0:7.0.28-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild\n[0:7.0.28-1]\n- Updated to 7.0.28\n- Resolves: rhbz 820119 Remove bundled apache-commons-dbcp\n- Resolves: rhbz 814900 Added tomcat-coyote POM\n- Resolves: rhbz 810775 Remove systemv stuff from %post scriptlet\n- Remove redhat-lsb R\n[0:7.0.27-2]\n- Fixed native download hack\n[0:7.0.27-1]\n- Updated to 7.0.27\n- Fixed jakarta-taglibs-standard BR and R\n[0:7.0.26-2]\n- Add more depmaps to J2EE apis to help jetty/glassfish updates\n[0:7.0.26-2]\n- Added the POM files for tomcat-api and tomcat-util (#803495)\n[0:7.0.26-1]\n- Updated to 7.0.26\n- Bug 790334: Change ownership of logdir for logrotate\n[0:7.0.25-4]\n- Bug 790694: Priorities of jsp, servlet and el packages updated.\n[0:7.0.25-3]\n- Dropped indirect dependecy to tomcat 5\n[0:7.0.25-2]\n- Added hack for maven depmap of tomcat-juli absolute link [ -f ] pass correctly\n[0:7.0.25-1]\n- Updated to 7.0.25\n- Removed EntityResolver patch (changes already in upstream sources)\n- Place poms and depmaps in the same package as jars\n- Added javax.servlet.descriptor to export-package of servlet-api\n- Move several chkconfig actions and reqs to systemv subpackage\n- New maven depmaps generation method\n- Add patch to support java7. (patch sent upstream).\n- Require java >= 1:1.6.0\n[0:7.0.23-5]\n- Exported javax.servlet.* packages in version 3.0 as 2.6 to make\n servlet-api compatible with Eclipse.\n[0:7.0.23-4]\n- Move jsvc support to subpackage\n[0:7.0.23-2]\n- Add EntityResolver setter patch to jasper for jetty's need. (patch sent upstream).\n[0:7.0.23-3]\n- Added support to /usr/sbin/tomcat-sysd and /usr/sbin/tomcat for\n starting tomcat with jsvc, which allows tomcat to perform some\n privileged operations (e.g. bind to a port < 1024) and then switch\n identity to a non-privileged user. Must add USE_JSVC='true' to\n /etc/tomcat/tomcat.conf or /etc/sysconfig/tomcat.\n[0:7.0.23-1]\n- Updated to 7.0.23\n[0:7.0.22-2]\n- Move tomcat-juli.jar to lib package\n- Drop %update_maven_depmap as in tomcat6\n- Provide native systemd unit file ported from tomcat6\n[0:7.0.22-1]\n- Updated to 7.0.22\n[0:7.0.21-3.1]\n- rebuild (java), rel-eng#4932\n[0:7.0.21-3]\n- Fix basedir mode\n[0:7.0.21-2]\n- Add manifests for el-api, jasper-el, jasper, tomcat, and tomcat-juli.\n[0:7.0.21-1]\n- Updated to 7.0.21\n[0:7.0.20-3]\n- Require java = 1:1.6.0\n[0:7.0.20-2]\n- Require java < 1.7.0\n[0:7.0.20-1]\n- Updated to 7.0.20\n[0:7.0.19-1]\n- Updated to 7.0.19\n[0:7.0.16-1]\n- Updated to 7.0.16\n[0:7.0.14-3]\n- Added initial systemd service\n- Fix some paths\n[0:7.0.14-2]\n- Fixed http source link\n- Securify some permissions\n- Added licenses for el-api and servlet-api\n- Added dependency on jpackage-utils for the javadoc subpackage\n[0:7.0.14-1]\n- Updated to 7.0.14\n[0:7.0.12-4]\n- Provided local paths for libs\n- Fixed dependencies\n- Fixed update temp/work cleanup\n[0:7.0.12-3]\n- Fixed package groups\n- Fixed some permissions\n- Fixed some links\n- Removed old tomcat6 crap\n[0:7.0.12-2]\n- Package now named just tomcat instead of tomcat7\n- Removed Provides: tomcat-log4j\n- Switched to apache-commons-* names instead of jakarta-commons-* .\n- Remove the old changelog\n- BR/R java >= 1:1.6.0 , same for java-devel\n- Removed old tomcat6 crap\n[0:7.0.12-1]\n- Tomcat7", "edition": 3, "reporter": "Oracle", "published": "2017-08-07T00:00:00", "title": "tomcat security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5351", "CVE-2016-6796", "CVE-2014-0227", "CVE-2016-0714", "CVE-2016-3092", "CVE-2015-5345", "CVE-2016-0762", "CVE-2016-0763", "CVE-2014-0099", "CVE-2017-5647", "CVE-2013-4322", "CVE-2014-0050", "CVE-2015-5346", "CVE-2013-4286", "CVE-2015-5174", "CVE-2016-5018", "CVE-2014-7810", "CVE-2016-0706", "CVE-2017-5664", "CVE-2014-0096", "CVE-2014-0075", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2017-08-07T00:00:00", "id": "ELSA-2017-2247", "href": "http://linux.oracle.com/errata/ELSA-2017-2247.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:40:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-debuginfo", "packageFilename": "tomcat6-debuginfo-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}], "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\n", "reporter": "RedHat", "published": "2016-03-22T04:00:00", "type": "redhat", "title": "(RHSA-2016:0492) Moderate: tomcat6 security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:23", "id": "RHSA-2016:0492", "href": "https://access.redhat.com/errata/RHSA-2016:0492", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-03-17T18:30:27", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": [], "affectedPackage": [], "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\n", "reporter": "RedHat", "published": "2016-01-25T05:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "redhat", "title": "(RHSA-2016:22545) Moderate: tomcat6 security and bug fix update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2016-03-17T22:07:18", "id": "RHSA-2016:22545", "href": "https://access.redhat.com/errata/RHSA-2016:22545", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T21:42:33", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "6.0.41-15_patch_04.ep6.el5", "arch": "noarch", "packageName": "tomcat6", "packageFilename": "tomcat6-6.0.41-15_patch_04.ep6.el5.noarch.rpm", "operator": "lt"}], "description": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", "reporter": "RedHat", "published": "2015-08-13T19:24:28", "type": "redhat", "title": "(RHSA-2015:1622) Moderate: Red Hat JBoss Web Server 2.1.0 tomcat security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-08-09T19:46:59", "id": "RHSA-2015:1622", "href": "https://access.redhat.com/errata/RHSA-2015:1622", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:34", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat", "packageFilename": "tomcat-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}], "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.", "reporter": "RedHat", "published": "2016-10-10T22:29:51", "type": "redhat", "title": "(RHSA-2016:2046) Important: tomcat security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810", "CVE-2015-5346", "CVE-2016-5388", "CVE-2016-5425", "CVE-2016-6325"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:32:47", "id": "RHSA-2016:2046", "href": "https://access.redhat.com/errata/RHSA-2016:2046", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:49", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8-admin_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8-admin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "libservlet3.1-java-doc_8.0.14-1+deb8u1_all.deb", "packageName": "libservlet3.1-java-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "libservlet3.1-java_8.0.14-1+deb8u1_all.deb", "packageName": "libservlet3.1-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "libtomcat8-java_8.0.14-1+deb8u1_all.deb", "packageName": "libtomcat8-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8-common_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8-user_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8-user", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8-examples_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8-examples", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "8.0.14-1+deb8u1", "arch": "all", "packageFilename": "tomcat8-docs_8.0.14-1+deb8u1_all.deb", "packageName": "tomcat8-docs", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3428-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 18, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat8\nCVE ID : CVE-2014-7810\n\nIt was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\n \nFor the stable distribution (jessie), this problem has been fixed in\nversion 8.0.14-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 8.0.21-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 8.0.21-2.\n\nWe recommend that you upgrade your tomcat8 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "reporter": "Debian", "published": "2015-12-18T21:14:12", "title": "[SECURITY] [DSA 3428-1] tomcat8 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:49", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810"], "modified": "2015-12-18T21:14:12", "id": "DEBIAN:DSA-3428-1:EC79D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00335.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-16T22:13:01", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6-common_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6-user_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6-user", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6-docs_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6-docs", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6-admin_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6-admin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6-examples_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6-examples", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "libservlet2.5-java-doc_6.0.41-2+squeeze7_all.deb", "packageName": "libservlet2.5-java-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "libtomcat6-java_6.0.41-2+squeeze7_all.deb", "packageName": "libtomcat6-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "tomcat6_6.0.41-2+squeeze7_all.deb", "packageName": "tomcat6", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "6.0.41-2+squeeze7", "arch": "all", "packageFilename": "libservlet2.5-java_6.0.41-2+squeeze7_all.deb", "packageName": "libservlet2.5-java", "operator": "lt"}], "description": "Package : tomcat6\nVersion : 6.0.41-2+squeeze7\nCVE ID : CVE-2014-0227 CVE-2014-0230 CVE-2014-7810\nDebian Bug : 787010 785312 785316\n\nThe following vulnerabilities were found in Apache Tomcat 6:\n\nCVE-2014-0227\n\n The Tomcat security team identified that it was possible to conduct HTTP\n request smuggling attacks or cause a DoS by streaming malformed data.\n\nCVE-2014-0230\n\n AntBean@secdig, from the Baidu Security Team, disclosed that it was\n possible to cause a limited DoS attack by feeding data by aborting an\n upload.\n\nCVE-2014-7810\n\n The Tomcat security team identified that malicious web applications could\n bypass the Security Manager by the use of expression language.\n\nFor Debian 6 &quot;Squeeze&quot;, these issues have been fixed in tomcat6 version\n6.0.41-2+squeeze7.\n", "edition": 1, "reporter": "Debian", "published": "2015-05-28T19:26:14", "title": "[SECURITY] [DLA 232-1] tomcat6 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:01", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"], "modified": "2015-05-28T19:26:14", "id": "DEBIAN:DLA-232-1:8CB78", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201505/msg00016.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-18T13:50:33", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7-user_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7-user", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7-admin_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7-admin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7-examples_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7-examples", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "libservlet3.0-java-doc_7.0.56-3+deb8u1_all.deb", "packageName": "libservlet3.0-java-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "libtomcat7-java_7.0.56-3+deb8u1_all.deb", "packageName": "libtomcat7-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7-common_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "7", "packageVersion": "7.0.28-4+deb7u3", "arch": "all", "packageFilename": "tomcat7_7.0.28-4+deb7u3_all.deb", "packageName": "tomcat7", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "libservlet3.0-java_7.0.56-3+deb8u1_all.deb", "packageName": "libservlet3.0-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "7.0.56-3+deb8u1", "arch": "all", "packageFilename": "tomcat7-docs_7.0.56-3+deb8u1_all.deb", "packageName": "tomcat7-docs", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3447-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat7\nCVE ID : CVE-2014-7810\n\nIt was discovered that malicious web applications could use the\nExpression Language to bypass protections of a Security Manager as\nexpressions were evaluated within a privileged code section.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 7.0.28-4+deb7u3. This update also provides fixes for\nCVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and\nCVE-2014-0230, which were all fixed for the stable distribution (jessie)\nalready.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 7.0.56-3+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 7.0.61-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.0.61-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2016-01-17T15:47:29", "title": "[SECURITY] [DSA 3447-1] tomcat7 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:33", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0099", "CVE-2014-7810", "CVE-2014-0075", "CVE-2013-4444"], "modified": "2016-01-17T15:47:29", "id": "DEBIAN:DSA-3447-1:CE269", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00017.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-18T13:50:30", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "6.0.45+dfsg-1~deb7u1", "arch": "all", "packageFilename": "tomcat6_6.0.45+dfsg-1~deb7u1_all.deb", "packageName": "tomcat6", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3530-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 25, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat6\nCVE ID : CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 \n CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119\n CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174\n CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706\n CVE-2016-0714 CVE-2016-0763\n\nMultiple security vulnerabilities have been fixed in the Tomcat servlet\nand JSP engine, which may result on bypass of security manager\nrestrictions, information disclosure, denial of service or session\nfixation.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 6.0.45+dfsg-1~deb7u1.\n\nWe recommend that you upgrade your tomcat6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2016-03-25T18:48:21", "title": "[SECURITY] [DSA 3530-1] tomcat6 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5351", "CVE-2014-0227", "CVE-2014-0230", "CVE-2016-0714", "CVE-2015-5345", "CVE-2016-0763", "CVE-2014-0099", "CVE-2014-0119", "CVE-2013-4322", "CVE-2015-5346", "CVE-2013-4286", "CVE-2015-5174", "CVE-2013-4590", "CVE-2014-7810", "CVE-2016-0706", "CVE-2014-0096", "CVE-2014-0075", "CVE-2014-0033"], "modified": "2016-03-25T18:48:21", "id": "DEBIAN:DSA-3530-1:6A530", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00104.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:14", "references": ["https://rhn.redhat.com/errata/RHSA-2016-0492.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6", "packageFilename": "tomcat6-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-lib", "packageFilename": "tomcat6-lib-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6", "packageFilename": "tomcat6-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-javadoc", "packageFilename": "tomcat6-javadoc-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-el-2.1-api", "packageFilename": "tomcat6-el-2.1-api-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-el-2.1-api", "packageFilename": "tomcat6-el-2.1-api-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-admin-webapps", "packageFilename": "tomcat6-admin-webapps-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "any", "packageName": "tomcat6", "packageFilename": "tomcat6-6.0.24-94.el6_7.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-docs-webapp", "packageFilename": "tomcat6-docs-webapp-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-jsp-2.1-api", "packageFilename": "tomcat6-jsp-2.1-api-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-jsp-2.1-api", "packageFilename": "tomcat6-jsp-2.1-api-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-servlet-2.5-api", "packageFilename": "tomcat6-servlet-2.5-api-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-admin-webapps", "packageFilename": "tomcat6-admin-webapps-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-lib", "packageFilename": "tomcat6-lib-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-javadoc", "packageFilename": "tomcat6-javadoc-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-webapps", "packageFilename": "tomcat6-webapps-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-servlet-2.5-api", "packageFilename": "tomcat6-servlet-2.5-api-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "x86_64", "packageName": "tomcat6-docs-webapp", "packageFilename": "tomcat6-docs-webapp-6.0.24-94.el6_7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "6.0.24-94.el6_7", "arch": "i686", "packageName": "tomcat6-webapps", "packageFilename": "tomcat6-webapps-6.0.24-94.el6_7.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2016:0492\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-March/021766.html\n\n**Affected packages:**\ntomcat6\ntomcat6-admin-webapps\ntomcat6-docs-webapp\ntomcat6-el-2.1-api\ntomcat6-javadoc\ntomcat6-jsp-2.1-api\ntomcat6-lib\ntomcat6-servlet-2.5-api\ntomcat6-webapps\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0492.html", "edition": 1, "reporter": "CentOS Project", "published": "2016-03-23T13:09:57", "title": "tomcat6 security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7810"], "modified": "2016-03-23T13:09:57", "href": "http://lists.centos.org/pipermail/centos-announce/2016-March/021766.html", "id": "CESA-2016:0492", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-10-03T18:26:54", "references": ["https://rhn.redhat.com/errata/RHSA-2016-2046.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "any", "packageName": "tomcat", "packageFilename": "tomcat-7.0.54-8.el7_2.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-javadoc", "packageFilename": "tomcat-javadoc-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat", "packageFilename": "tomcat-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-admin-webapps", "packageFilename": "tomcat-admin-webapps-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-el-2.2-api", "packageFilename": "tomcat-el-2.2-api-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-jsvc", "packageFilename": "tomcat-jsvc-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-lib", "packageFilename": "tomcat-lib-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-webapps", "packageFilename": "tomcat-webapps-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-docs-webapp", "packageFilename": "tomcat-docs-webapp-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-jsp-2.2-api", "packageFilename": "tomcat-jsp-2.2-api-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "7.0.54-8.el7_2", "arch": "noarch", "packageName": "tomcat-servlet-3.0-api", "packageFilename": "tomcat-servlet-3.0-api-7.0.54-8.el7_2.noarch.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2016:2046\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-October/022121.html\n\n**Affected packages:**\ntomcat\ntomcat-admin-webapps\ntomcat-docs-webapp\ntomcat-el-2.2-api\ntomcat-javadoc\ntomcat-jsp-2.2-api\ntomcat-jsvc\ntomcat-lib\ntomcat-servlet-3.0-api\ntomcat-webapps\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2046.html", "edition": 1, "reporter": "CentOS Project", "published": "2016-10-11T18:36:52", "title": "tomcat security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-5425", "CVE-2016-6325", "CVE-2016-5388", "CVE-2015-5346", "CVE-2014-7810"], "modified": "2016-10-11T18:36:52", "href": "http://lists.centos.org/pipermail/centos-announce/2016-October/022121.html", "id": "CESA-2016:2046", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:03", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-el-2.1-api-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-el-2.1-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-webapps-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-webapps", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-servlet-2.5-api-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-servlet-2.5-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-javadoc-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-javadoc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-jsp-2.1-api-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-jsp-2.1-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-docs-webapp-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-docs-webapp", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "src", "packageFilename": "tomcat6-6.0.44-1.3.amzn1.src.rpm", "packageName": "tomcat6", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-admin-webapps-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-admin-webapps", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-lib-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6-lib", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "6.0.44-1.3.amzn1", "arch": "noarch", "packageFilename": "tomcat6-6.0.44-1.3.amzn1.noarch.rpm", "packageName": "tomcat6", "operator": "lt"}], "description": "**Issue Overview:**\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. ([CVE-2014-7810 __](<https://access.redhat.com/security/cve/CVE-2014-7810>))\n\nIt was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. ([CVE-2014-0230 __](<https://access.redhat.com/security/cve/CVE-2014-0230>))\n\n \n**Affected Packages:** \n\n\ntomcat6\n\n \n**Issue Correction:** \nRun _yum update tomcat6_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n tomcat6-el-2.1-api-6.0.44-1.3.amzn1.noarch \n tomcat6-6.0.44-1.3.amzn1.noarch \n tomcat6-lib-6.0.44-1.3.amzn1.noarch \n tomcat6-servlet-2.5-api-6.0.44-1.3.amzn1.noarch \n tomcat6-admin-webapps-6.0.44-1.3.amzn1.noarch \n tomcat6-javadoc-6.0.44-1.3.amzn1.noarch \n tomcat6-jsp-2.1-api-6.0.44-1.3.amzn1.noarch \n tomcat6-webapps-6.0.44-1.3.amzn1.noarch \n tomcat6-docs-webapp-6.0.44-1.3.amzn1.noarch \n \n src: \n tomcat6-6.0.44-1.3.amzn1.src \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2016-03-10T16:30:00", "title": "Medium: tomcat6", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:03", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2016-03-10T16:30:00", "id": "ALAS-2016-656", "href": "https://alas.aws.amazon.com/ALAS-2016-656.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T16:55:13", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-lib-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-lib", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-servlet-3.1-api-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-servlet-3.1-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-javadoc-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-javadoc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-el-3.0-api-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-el-3.0-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-jsp-2.3-api-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-jsp-2.3-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "src", "packageFilename": "tomcat8-8.0.30-1.57.amzn1.src.rpm", "packageName": "tomcat8", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-log4j-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-log4j", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-docs-webapp-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-docs-webapp", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-webapps-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-webapps", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "8.0.30-1.57.amzn1", "arch": "noarch", "packageFilename": "tomcat8-admin-webapps-8.0.30-1.57.amzn1.noarch.rpm", "packageName": "tomcat8-admin-webapps", "operator": "lt"}], "description": "**Issue Overview:**\n\nA directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call. ([CVE-2015-5174 __](<https://access.redhat.com/security/cve/CVE-2015-5174>))\n\nThe Mapper component processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. ([CVE-2015-5345 __](<https://access.redhat.com/security/cve/CVE-2015-5345>))\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. ([CVE-2014-7810 __](<https://access.redhat.com/security/cve/CVE-2014-7810>))\n\n \n**Affected Packages:** \n\n\ntomcat8\n\n \n**Issue Correction:** \nRun _yum update tomcat8_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n tomcat8-8.0.30-1.57.amzn1.noarch \n tomcat8-log4j-8.0.30-1.57.amzn1.noarch \n tomcat8-lib-8.0.30-1.57.amzn1.noarch \n tomcat8-admin-webapps-8.0.30-1.57.amzn1.noarch \n tomcat8-javadoc-8.0.30-1.57.amzn1.noarch \n tomcat8-servlet-3.1-api-8.0.30-1.57.amzn1.noarch \n tomcat8-el-3.0-api-8.0.30-1.57.amzn1.noarch \n tomcat8-docs-webapp-8.0.30-1.57.amzn1.noarch \n tomcat8-jsp-2.3-api-8.0.30-1.57.amzn1.noarch \n tomcat8-webapps-8.0.30-1.57.amzn1.noarch \n \n src: \n tomcat8-8.0.30-1.57.amzn1.src \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2016-03-10T16:30:00", "title": "Medium: tomcat8", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:13", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5345", "CVE-2015-5174", "CVE-2014-7810"], "modified": "2016-03-10T16:30:00", "id": "ALAS-2016-658", "href": "https://alas.aws.amazon.com/ALAS-2016-658.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-02T16:55:17", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-lib-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-lib", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-log4j-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-log4j", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-javadoc-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-javadoc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-jsp-2.2-api-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-jsp-2.2-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-servlet-3.0-api-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-servlet-3.0-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-admin-webapps-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-admin-webapps", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-docs-webapp-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-docs-webapp", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-el-2.2-api-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-el-2.2-api", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "src", "packageFilename": "tomcat7-7.0.67-1.13.amzn1.src.rpm", "packageName": "tomcat7", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "7.0.67-1.13.amzn1", "arch": "noarch", "packageFilename": "tomcat7-webapps-7.0.67-1.13.amzn1.noarch.rpm", "packageName": "tomcat7-webapps", "operator": "lt"}], "description": "**Issue Overview:**\n\nA directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call. ([CVE-2015-5174 __](<https://access.redhat.com/security/cve/CVE-2015-5174>))\n\nA session fixation vulnerability was discovered that might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request when different session settings are used for deployments of multiple versions of the same web application. ([CVE-2015-5346 __](<https://access.redhat.com/security/cve/CVE-2015-5346>))\n\nIt was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. ([CVE-2014-7810 __](<https://access.redhat.com/security/cve/CVE-2014-7810>))\n\n \n**Affected Packages:** \n\n\ntomcat7\n\n \n**Issue Correction:** \nRun _yum update tomcat7_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n tomcat7-el-2.2-api-7.0.67-1.13.amzn1.noarch \n tomcat7-log4j-7.0.67-1.13.amzn1.noarch \n tomcat7-7.0.67-1.13.amzn1.noarch \n tomcat7-docs-webapp-7.0.67-1.13.amzn1.noarch \n tomcat7-webapps-7.0.67-1.13.amzn1.noarch \n tomcat7-admin-webapps-7.0.67-1.13.amzn1.noarch \n tomcat7-lib-7.0.67-1.13.amzn1.noarch \n tomcat7-jsp-2.2-api-7.0.67-1.13.amzn1.noarch \n tomcat7-servlet-3.0-api-7.0.67-1.13.amzn1.noarch \n tomcat7-javadoc-7.0.67-1.13.amzn1.noarch \n \n src: \n tomcat7-7.0.67-1.13.amzn1.src \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2016-03-10T16:30:00", "title": "Medium: tomcat7", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:17", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5346", "CVE-2015-5174", "CVE-2014-7810"], "modified": "2016-03-10T16:30:00", "id": "ALAS-2016-657", "href": "https://alas.aws.amazon.com/ALAS-2016-657.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:40", "references": ["https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "7.0.55", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "tomcat7", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "6.0.44", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "tomcat", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.6.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "hadoop2", "operator": "le"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "8.0.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "tomcat8", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "4.1.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oozie", "operator": "le"}], "description": "\nApache Software Foundation reports:\n\nLow: Denial of Service CVE-2014-0230\nWhen a response for a request with a request body is\n\t returned to the user agent before the request body is\n\t fully read, by default Tomcat swallows the remaining\n\t request body so that the next request on the connection\n\t may be processed. There was no limit to the size of\n\t request body that Tomcat would swallow. This permitted\n\t a limited Denial of Service as Tomcat would never close\n\t the connection and a processing thread would remain\n\t allocated to the connection.\nModerate: Security Manager bypass CVE-2014-7810\nMalicious web applications could use expression\n\t language to bypass the protections of a Security\n\t Manager as expressions were evaluated within a\n\t privileged code section.\n\n", "edition": 4, "reporter": "FreeBSD", "published": "2015-05-12T00:00:00", "title": "tomcat -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0230", "CVE-2014-7810"], "modified": "2017-03-18T00:00:00", "id": "25E0593D-13C0-11E5-9AFB-3C970E169BC2", "href": "https://vuxml.freebsd.org/freebsd/25e0593d-13c0-11e5-9afb-3c970e169bc2.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:17", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0230", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0227", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7810"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "6.0.35-1ubuntu3.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libtomcat6-java", "operator": "lt"}], "description": "It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. (CVE-2014-0227)\n\nIt was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause a limited denial of service. (CVE-2014-0230)\n\nIt was discovered that the Tomcat Expression Language (EL) implementation incorrectly handled accessible interfaces implemented by inaccessible classes. An attacker could possibly use this issue to bypass a SecurityManager protection mechanism. (CVE-2014-7810)", "edition": 3, "reporter": "Ubuntu", "published": "2015-06-25T00:00:00", "title": "Tomcat vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"], "modified": "2015-06-25T00:00:00", "id": "USN-2655-1", "href": "https://usn.ubuntu.com/2655-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:39", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0119", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0230", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0227", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7810"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "15.04", "packageVersion": "7.0.56-2ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libtomcat7-java", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "7.0.52-1ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libtomcat7-java", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "7.0.55-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libtomcat7-java", "operator": "lt"}], "description": "It was discovered that the Tomcat XML parser incorrectly handled XML External Entities (XXE). A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0119)\n\nIt was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0227)\n\nIt was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause a limited denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0230)\n\nIt was discovered that the Tomcat Expression Language (EL) implementation incorrectly handled accessible interfaces implemented by inaccessible classes. An attacker could possibly use this issue to bypass a SecurityManager protection mechanism. (CVE-2014-7810)", "edition": 3, "reporter": "Ubuntu", "published": "2015-06-25T00:00:00", "title": "Tomcat vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0119", "CVE-2014-7810"], "modified": "2015-06-25T00:00:00", "id": "USN-2654-1", "href": "https://usn.ubuntu.com/2654-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2018-10-13T04:31:42", "references": [], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to: \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<http://www.oracle.com/securityalerts>) for information about Oracle Security Advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 334 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2420273.1>).\n\nMany industry experts anticipate that exploits leveraging known flaws in modern processor designs will continue to be disclosed for the foreseeable future (i.e., \"Spectre\" variants). For information related to these issues, please refer to:\n\n * the January 2018 Critical Patch Update (and later) Advisories,\n * the \"Addendum to the January 2018 Critical Patch Update Advisory for Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754)\" ([Doc ID 2347948.1](<https://support.oracle.com/rs?type=doc&id=2347948.1>)), and\n * \"Information about processor vulnerabilities CVE-2018-3640 (\"Spectre v3a\") and CVE-2018-3639 (\"Spectre v4\")\" ([Doc ID 2399123.1](<https://support.oracle.com/rs?type=doc&id=2399123.1>)).\n\n \n", "edition": 11, "reporter": "Oracle", "published": "2018-07-17T00:00:00", "title": "CPU July 2018", "type": "oracle", "enchantments": {"score": {"modified": "2018-10-13T04:31:42", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "17.x", "operator": "le"}, {"name": "Oracle Retail Convenience and Fuel POS Software", "version": "2.1.132", "operator": "le"}, {"name": "Oracle Communications User Data Repository", "version": "10.x", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.2.2", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Retail Service Layer", "version": "13.0.x", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "16.0", "operator": "le"}, {"name": "Primavera Unifier", "version": "18.x", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.4", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.1.0", "operator": "le"}, {"name": "MICROS Retail-J", "version": "10.2.x", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "16.0", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "6.1.1", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.6", "operator": "le"}, {"name": "Oracle Policy Automation Connector for Siebel", "version": "10.4.6", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.6", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.3.0", "operator": "le"}, {"name": "Oracle Banking Corporate Lending", "version": "14.0.0", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.2", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.6.1", "operator": "le"}, {"name": "Enterprise Manager for Virtualization", "version": "13.2.3", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.3.x", "operator": "le"}, {"name": "Oracle Financial Services Analytical Applications Infrastructure", "version": "7.3.3.x", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.1.1", "operator": "le"}, {"name": "PeopleSoft Enterprise CS Financial Aid", "version": "9.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "14.1.0", "operator": "le"}, {"name": "Siebel UI Framework", "version": "18.0", "operator": "le"}, {"name": "MICROS Retail-J", "version": "12.1.1.x", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.3", "operator": "le"}, {"name": "Oracle Business Process Management Suite", "version": "12.2.1.2.0", "operator": "le"}, {"name": "MySQL Client", "version": "5.5.60", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u181", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.2", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "13.0.x", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Hospitality Simphony", "version": "2.9", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Application Testing Suite", "version": "10.1", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Human Resources", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "14.1", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.4.7.4297", "operator": "le"}, {"name": "Oracle Insurance Policy Administration", "version": "11.0", "operator": "le"}, {"name": "FMW Platform", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.3.0", "operator": "le"}, {"name": "FMW Platform", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.5.0.3.0", "operator": "le"}, {"name": "Java SE", "version": "6u191", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "14.1.0", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.4", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "6u191", "operator": "le"}, {"name": "Oracle Financial Services Analytical Applications Infrastructure", "version": "8.0.x", "operator": "le"}, {"name": "Oracle Agile PLM MCAD Connector", "version": "3.4", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.4", "operator": "le"}, {"name": "MICROS Retail-J", "version": "11.0.x", "operator": "le"}, {"name": "MySQL Connectors", "version": "5.3.10", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.4.0.0.0", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.6.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.7", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "15.0", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.3.3", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "14.1", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "15.0.3", "operator": "le"}, {"name": "BI Publisher", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "10.4.7", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.7", "operator": "le"}, {"name": "JD Edwards EnterpriseOne Tools", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Service Backbone", "version": "16.0.025", "operator": "le"}, {"name": "Oracle Banking Corporate Lending", "version": "14.1.0", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "8.x", "operator": "le"}, {"name": "Oracle Fusion Middleware", "version": "12.2.1.3", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "14.0.x", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.10", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u172", "operator": "le"}, {"name": "MICROS Retail-J", "version": "12.0.x", "operator": "le"}, {"name": "Hardware Management Pack", "version": "11.3", "operator": "le"}, {"name": "MICROS 700 Series Tablet", "version": "0.00.13ORC", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "12.0.x", "operator": "le"}, {"name": "Oracle Utilities Network Management System", "version": "2.3.x", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.0", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "15.0", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.55", "operator": "le"}, {"name": "Oracle Retail Financial Integration", "version": "16.0.x", "operator": "le"}, {"name": "MySQL Workbench", "version": "8.0.11", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "14.0.0", "operator": "le"}, {"name": "Oracle Retail Service Layer", "version": "13.2.x", "operator": "le"}, {"name": "Oracle Hospitality Simphony", "version": "2.8", "operator": "le"}, {"name": "Oracle Communications EAGLE LNP Application Processor", "version": "10.x", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.2.7", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.0.4", "operator": "le"}, {"name": "Oracle Retail Clearance Optimization Engine", "version": "14.0.5", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.2.6", "operator": "le"}, {"name": "Oracle RDBMS", "version": "18.1", "operator": "le"}, {"name": "Oracle Retail Service Backbone", "version": "14.0.x", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Banking Corporate Lending", "version": "12.5.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.1.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.7", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.0.1.0", "operator": "le"}, {"name": "MySQL Client", "version": "8.0.11", "operator": "le"}, {"name": "Primavera Unifier", "version": "16.x", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.5.0.1.0", "operator": "le"}, {"name": "JD Edwards World Security", "version": "9.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.3.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.1.0", "operator": "le"}, {"name": "MICROS Retail-J", "version": "12.1.2.x", "operator": "le"}, {"name": "JD Edwards World Security", "version": "9.3.1", "operator": "le"}, {"name": "BI Publisher", "version": "11.1.1.7.0", "operator": "le"}, {"name": "MICROS Kitchen Display Controller", "version": "0.00.16ORC", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.0.2.0", "operator": "le"}, {"name": "Oracle Retail Service Layer", "version": "13.1.x", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.4.0.1.0", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "16.x", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.1", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "14.0", "operator": "le"}, {"name": "Java SE", "version": "8u172", "operator": "le"}, {"name": "Oracle Enterprise Repository", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.4", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.1.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.4.0", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.56", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.60", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u191", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.3", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "13.2.x", "operator": "le"}, {"name": "Oracle Retail Financial Integration", "version": "13.2.x", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "14.1.x", "operator": "le"}, {"name": "Enterprise Manager for Peoplesoft", "version": "13.2.1.1", "operator": "le"}, {"name": "Oracle Retail Point-of-Sale", "version": "14.1", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "10.0.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.4.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.1.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.40", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.2.0", "operator": "le"}, {"name": "MICROS Retail-J", "version": "12.1.x", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "13.2.x", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.2.0.1", "operator": "le"}, {"name": "Oracle Retail Service Layer", "version": "12.0.x", "operator": "le"}, {"name": "Solaris Cluster", "version": "4.3", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Business Process Management Suite", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Retail Service Backbone", "version": "14.1.x", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "13.1.x", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "12.1.0.8", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "3.x", "operator": "le"}, {"name": "Oracle RDBMS", "version": "18.2", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.8", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.5", "operator": "le"}, {"name": "Oracle API Gateway", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "14.0.0", "operator": "le"}, {"name": "Oracle Retail Financial Integration", "version": "15.0.x", "operator": "le"}, {"name": "Oracle SuperCluster Specific Software", "version": "2.5.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Enterprise Repository", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle Banking Corporate Lending", "version": "12.4.0", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "14.1", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.6.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.8", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.4", "operator": "le"}, {"name": "Oracle Retail Point-of-Sale", "version": "14.0", "operator": "le"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "version": "16.x", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.4", "operator": "le"}, {"name": "Oracle Internet Directory", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.3", "operator": "le"}, {"name": "Enterprise Manager for MySQL Database", "version": "13.2.2.0.0", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "10.4.7", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle Hospitality Gift and Loyalty", "version": "9.0.0", "operator": "le"}, {"name": "Oracle Banking Payments", "version": "12.2.0", "operator": "le"}, {"name": "Oracle AutoVue VueLink Integration", "version": "21.0.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.22", "operator": "le"}, {"name": "Enterprise Manager for Virtualization", "version": "13.2.2", "operator": "le"}, {"name": "Oracle Financial Services Behavior Detection Platform", "version": "8.0.x", "operator": "le"}, {"name": "Oracle Retail Point-of-Service", "version": "14.1", "operator": "le"}, {"name": "Enterprise Manager for Fusion Middleware", "version": "12.1.0.5", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "16.0.x", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.4", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.5.0.2.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.1", "operator": "le"}, {"name": "MICROS XBR", "version": "7.0.4", "operator": "le"}, {"name": "MySQL Server", "version": "8.0.11", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.3", "operator": "le"}, {"name": "Oracle iLearning", "version": "6.2", "operator": "le"}, {"name": "Oracle Hospitality Simphony", "version": "2.10", "operator": "le"}, {"name": "Oracle Retail Integration Bus", "version": "15.0.x", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.9", "operator": "le"}, {"name": "Oracle Retail Financial Integration", "version": "14.0.x", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.2.0", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.2.0.0", "operator": "le"}, {"name": "MICROS Workstation 6", "version": "2.3.1.0", "operator": "le"}, {"name": "MICROS Retail-J", "version": "13.1.x", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "4.4.1.5.0", "operator": "le"}, {"name": "Enterprise Manager for Fusion Middleware", "version": "13.2.x", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "10.0.1", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.x", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.7", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.3", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.1.3", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "4.0.4.5235", "operator": "le"}, {"name": "Oracle Spatial (jackson-databind)", "version": "12.2.0.1", "operator": "le"}, {"name": "Oracle AutoVue VueLink Integration", "version": "21.0.1", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.3", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.2.3", "operator": "le"}, {"name": "JD Edwards World Security", "version": "9.3", "operator": "le"}, {"name": "Oracle Insurance Policy Administration", "version": "10.1", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.1.0.0", "operator": "le"}, {"name": "Sun ZFS Storage Appliance Kit (AK)", "version": "8.7.20", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.2", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "5.2", "operator": "le"}, {"name": "Hyperion Financial Reporting", "version": "11.1.2", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.2.6", "operator": "le"}, {"name": "Solaris", "version": "11.2", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.2", "operator": "le"}, {"name": "Primavera Unifier", "version": "17.x", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "14.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.3.0", "operator": "le"}, {"name": "Oracle Retail Point-of-Service", "version": "14.0", "operator": "le"}, {"name": "Oracle Retail Service Backbone", "version": "16.0.x", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "6.1.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Service Layer", "version": "14.0.x", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Retail Service Backbone", "version": "15.0.x", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.4.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Banking Payments", "version": "14.1.0", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Financial Services Revenue Management and Billing", "version": "2.3.0.2.0", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.6", "operator": "le"}, {"name": "Oracle Retail Bulk Data Integration", "version": "16.0", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.0", "operator": "le"}, {"name": "PeopleSoft HRMS", "version": "9.2", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.5", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "14.0.0", "operator": "le"}, {"name": "MySQL Client", "version": "5.7.22", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "13.2.2", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Insurance Policy Administration", "version": "10.0", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "8.0.x", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.5", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.3", "operator": "le"}, {"name": "Oracle Banking Payments", "version": "12.3.0", "operator": "le"}, {"name": "Sun ZFS Storage Appliance Kit (AK)", "version": "8.7.18", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.4.1", "operator": "le"}, {"name": "Java SE", "version": "10.0.1", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Business Process Management Suite", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "14.0", "operator": "le"}, {"name": "MICROS Workstation 6", "version": "1.3.1.0", "operator": "le"}, {"name": "BI Publisher", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.3", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "15.x", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Insurance Policy Administration", "version": "10.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "12.3.0", "operator": "le"}, {"name": "Oracle Agile PLM MCAD Connector", "version": "3.3", "operator": "le"}, {"name": "MySQL Connectors", "version": "8.0.11", "operator": "le"}, {"name": "Agile Recipe Management for Pharmaceuticals", "version": "9.3.4", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.2.0.0", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Communications Interactive Session Recorder", "version": "6.x", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.3", "operator": "le"}, {"name": "Enterprise Manager for Peoplesoft", "version": "13.1.1.1", "operator": "le"}, {"name": "Oracle Hospitality Cruise Fleet Management System", "version": "9.x", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.5.x", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Communications Interactive Session Recorder", "version": "5.x", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "OSS Support Tools", "version": "18.3", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.9", "operator": "le"}, {"name": "Tape Library ACSLS", "version": "8.4.0", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Banking Payments", "version": "12.4.0", "operator": "le"}, {"name": "Oracle Communications User Data Repository", "version": "12.x", "operator": "le"}, {"name": "Oracle Spatial (jackson-databind)", "version": "18.1", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.2.16", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u172", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "7.x", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.7", "operator": "le"}, {"name": "MICROS 700 Series Tablet", "version": "0.01.25ORC", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.2", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.10", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Banking Corporate Lending", "version": "12.3.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Java VM", "version": "12.2.0.1", "operator": "le"}, {"name": "Java SE", "version": "7u181", "operator": "le"}, {"name": "PeopleSoft Enterprise CS Financial Aid", "version": "9.2", "operator": "le"}, {"name": "Oracle Agile PLM MCAD Connector", "version": "3.6", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0.5", "operator": "le"}, {"name": "Solaris Cluster", "version": "3.3", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.1", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.5", "operator": "le"}, {"name": "MICROS Handheld Terminal", "version": "4.4.4", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "12.x", "operator": "le"}, {"name": "Oracle Business Process Management Suite", "version": "12.2.1.3.0", "operator": "le"}, {"name": "BI Publisher", "version": "12.2.1.3.0", "operator": "le"}, {"name": "Oracle Retail Financial Integration", "version": "14.1.x", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.7", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "version": "17.x", "operator": "le"}, {"name": "MICROS XBR", "version": "7.0.2", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.5.3", "operator": "le"}, {"name": "Hyperion Data Relationship Management", "version": "11.1.2.4.330", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.7", "operator": "le"}, {"name": "Oracle Utilities Network Management System", "version": "1.12.x", "operator": "le"}, {"name": "PeopleSoft Enterprise FIN Install", "version": "9.2", "operator": "le"}, {"name": "Oracle Business Process Management Suite", "version": "12.1.3.0.0", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "10.8.x", "operator": "le"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "version": "8.x", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "8.x", "operator": "le"}, {"name": "Oracle Utilities Work and Asset Management", "version": "1.9.1.2.12", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.6", "operator": "le"}, {"name": "MICROS Workstation 6", "version": "1.5.2.0", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "11.4.x", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.1.3", "operator": "le"}, {"name": "MySQL Client", "version": "5.6.40", "operator": "le"}, {"name": "Oracle Policy Automation for Mobile Devices", "version": "12.2.5", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Banking Payments", "version": "12.5.0", "operator": "le"}, {"name": "MICROS Handheld Terminal", "version": "2018", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Agile PLM MCAD Connector", "version": "3.5", "operator": "le"}, {"name": "Java VM", "version": "18.2", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u181", "operator": "le"}, {"name": "Oracle Trade Management", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Fusion Middleware", "version": "12.2.1.2", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.5", "operator": "le"}, {"name": "Solaris", "version": "11.3", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "8.0.x", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.2.1", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.2", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "8.0.0.8131", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Hospitality Reporting and Analytics", "version": "9.0.0", "operator": "le"}, {"name": "Oracle Order Management", "version": "12.2.7", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.4", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.7", "operator": "le"}, {"name": "Sun ZFS Storage Appliance Kit (AK)", "version": "8.7.19", "operator": "le"}, {"name": "MySQL Workbench", "version": "6.3.10", "operator": "le"}], "cvelist": ["CVE-2015-5600", "CVE-2018-3010", "CVE-2017-5533", "CVE-2018-3004", "CVE-2015-5351", "CVE-2018-3091", "CVE-2018-3021", "CVE-2017-13218", "CVE-2017-9798", "CVE-2018-3109", "CVE-2018-2935", "CVE-2018-1000120", "CVE-2018-2948", "CVE-2018-3019", "CVE-2011-4461", "CVE-2018-2984", "CVE-2016-7103", "CVE-2017-5753", "CVE-2018-2893", "CVE-2018-2917", "CVE-2018-2981", "CVE-2017-10989", "CVE-2017-5754", "CVE-2018-3098", "CVE-2018-2965", "CVE-2018-3029", "CVE-2018-3072", "CVE-2018-1304", "CVE-2018-2969", "CVE-2018-2955", "CVE-2018-3104", "CVE-2018-3079", "CVE-2018-2906", "CVE-2018-3048", "CVE-2015-6420", "CVE-2018-2988", "CVE-2018-2944", "CVE-2018-3093", "CVE-2018-2881", "CVE-2015-3415", "CVE-2018-3055", "CVE-2017-6074", "CVE-2018-3050", "CVE-2016-5019", "CVE-2018-3027", "CVE-2018-3025", "CVE-2018-2951", "CVE-2018-3046", "CVE-2018-1275", "CVE-2018-2990", "CVE-2018-7489", "CVE-2018-2980", "CVE-2018-3069", "CVE-2018-2894", "CVE-2018-2954", "CVE-2018-3053", "CVE-2018-2953", "CVE-2018-2938", "CVE-2016-4055", "CVE-2018-3008", "CVE-2016-9878", "CVE-2017-3735", "CVE-2018-2973", "CVE-2015-5262", "CVE-2018-3009", "CVE-2014-0230", "CVE-2018-2947", "CVE-2018-1271", "CVE-2018-3015", "CVE-2018-3096", "CVE-2018-2989", "CVE-2018-2897", "CVE-2018-2961", "CVE-2018-2920", "CVE-2018-3006", "CVE-2018-1000121", "CVE-2016-0714", "CVE-2018-2994", "CVE-2016-3092", "CVE-2018-3043", "CVE-2018-2937", "CVE-2018-2924", "CVE-2018-2966", "CVE-2017-3652", "CVE-2016-5300", "CVE-2018-3031", "CVE-2018-2908", "CVE-2018-1171", "CVE-2018-3100", "CVE-2017-3648", "CVE-2014-9746", "CVE-2018-2992", "CVE-2015-5345", "CVE-2018-3002", "CVE-2018-2942", "CVE-2018-3061", "CVE-2018-3075", "CVE-2016-2105", "CVE-2018-2998", "CVE-2014-3577", "CVE-2018-2956", "CVE-2018-2975", "CVE-2016-2107", "CVE-2016-4463", "CVE-2018-3044", "CVE-2015-7501", "CVE-2018-2976", "CVE-2018-2999", "CVE-2017-3649", "CVE-2018-3101", "CVE-2018-3067", "CVE-2017-0785", "CVE-2017-3737", "CVE-2018-2962", "CVE-2018-2926", "CVE-2017-15707", "CVE-2018-2958", "CVE-2016-1182", "CVE-2018-1258", "CVE-2018-3073", "CVE-2018-1000122", "CVE-2018-1305", "CVE-2018-3095", "CVE-2017-13088", "CVE-2018-2977", "CVE-2017-5662", "CVE-2018-2995", "CVE-2017-9526", "CVE-2018-3086", "CVE-2018-2964", "CVE-2018-3047", "CVE-2018-2985", "CVE-2018-3032", "CVE-2018-2960", "CVE-2018-2997", "CVE-2018-2972", "CVE-2018-3034", "CVE-2018-3023", "CVE-2018-2904", "CVE-2016-0718", "CVE-2018-2882", "CVE-2018-3065", "CVE-2018-3102", "CVE-2014-2532", "CVE-2018-2957", "CVE-2017-5715", "CVE-2018-3057", "CVE-2016-2109", "CVE-2017-3633", "CVE-2018-2921", "CVE-2018-2915", "CVE-2018-1000300", "CVE-2017-3647", "CVE-2018-2959", "CVE-2018-2767", "CVE-2014-0114", "CVE-2018-3080", "CVE-2018-2934", "CVE-2017-3732", "CVE-2018-2949", "CVE-2018-3089", "CVE-2018-2945", "CVE-2018-2943", "CVE-2018-0739", "CVE-2015-5346", "CVE-2018-2896", "CVE-2018-3013", "CVE-2018-2936", "CVE-2018-2986", "CVE-2018-2905", "CVE-2018-2916", "CVE-2018-3087", "CVE-2018-3007", "CVE-2015-3416", "CVE-2018-1313", "CVE-2018-2991", "CVE-2018-2598", "CVE-2018-3033", "CVE-2018-8013", "CVE-2015-5174", "CVE-2014-9029", "CVE-2018-3012", "CVE-2018-3036", "CVE-2018-3062", "CVE-2018-3108", "CVE-2018-1272", "CVE-2018-2987", "CVE-2017-7525", "CVE-2018-3060", "CVE-2018-3071", "CVE-2018-3014", "CVE-2018-3051", "CVE-2015-3414", "CVE-2018-3103", "CVE-2018-2979", "CVE-2018-2993", "CVE-2018-3092", "CVE-2015-0204", "CVE-2014-7810", "CVE-2018-3022", "CVE-2018-1270", "CVE-2018-2903", "CVE-2017-3651", "CVE-2018-3058", "CVE-2016-0706", "CVE-2017-3641", "CVE-2018-2928", "CVE-2017-5664", "CVE-2018-2900", "CVE-2018-2898", "CVE-2018-3003", "CVE-2018-3001", "CVE-2018-2950", "CVE-2018-2929", "CVE-2018-0733", "CVE-2017-3635", "CVE-2018-3094", "CVE-2016-1181", "CVE-2018-2941", "CVE-2014-8157", "CVE-2018-2933", "CVE-2018-3017", "CVE-2016-9843", "CVE-2018-2946", "CVE-2016-2176", "CVE-2016-8735", "CVE-2018-2940", "CVE-2017-3738", "CVE-2018-2930", "CVE-2018-3049", "CVE-2018-2918", "CVE-2018-3076", "CVE-2018-2982", "CVE-2018-3041", "CVE-2016-5195", "CVE-2018-3026", "CVE-2018-2901", "CVE-2018-2939", "CVE-2018-3081", "CVE-2018-3085", "CVE-2017-5645", "CVE-2016-2099", "CVE-2018-3024", "CVE-2018-2892", "CVE-2018-3070", "CVE-2018-3018", "CVE-2017-12617", "CVE-2018-3077", "CVE-2018-3054", "CVE-2017-5529", "CVE-2017-3653", "CVE-2016-9841", "CVE-2015-7940", "CVE-2018-2970", "CVE-2018-2963", "CVE-2017-3736", "CVE-2018-3028", "CVE-2018-3074", "CVE-2018-3052", "CVE-2018-3063", "CVE-2017-0379", "CVE-2018-2919", "CVE-2018-3039", "CVE-2018-3082", "CVE-2018-2899", "CVE-2018-2974", "CVE-2018-2932", "CVE-2018-3038", "CVE-2018-3097", "CVE-2018-3020", "CVE-2016-3506", "CVE-2018-3005", "CVE-2018-3090", "CVE-2017-3636", "CVE-2018-3035", "CVE-2018-2968", "CVE-2018-2907", "CVE-2017-15095", "CVE-2018-3064", "CVE-2018-3037", "CVE-2018-2895", "CVE-2018-3068", "CVE-2018-3078", "CVE-2018-2996", "CVE-2018-2923", "CVE-2018-3030", "CVE-2018-3099", "CVE-2018-3084", "CVE-2016-2106", "CVE-2017-3634", "CVE-2016-6814", "CVE-2018-3066", "CVE-2018-2925", "CVE-2018-3056", "CVE-2018-3639", "CVE-2018-1000301", "CVE-2018-3040", "CVE-2018-3000", "CVE-2018-3045", "CVE-2018-3640", "CVE-2018-3016", "CVE-2018-3088", "CVE-2018-2967", "CVE-2018-2888", "CVE-2018-1327", "CVE-2018-2927", "CVE-2018-2952", "CVE-2018-3105", "CVE-2018-3042", "CVE-2018-2891", "CVE-2018-2978"], "modified": "2018-10-12T00:00:00", "id": "ORACLE:CPUJUL2018-4258247", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}