Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3739.NASL
HistoryDec 20, 2016 - 12:00 a.m.

Debian DSA-3739-1 : tomcat8 - security update

2016-12-2000:00:00
This script is Copyright (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution.

As part of this update, several regressions stemming from incomplete fixes for previous vulnerabilities were also fixed.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-3739. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(96018);
  script_version("3.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/14");

  script_cve_id(
    "CVE-2016-6816",
    "CVE-2016-8735",
    "CVE-2016-9774",
    "CVE-2016-9775"
  );
  script_xref(name:"DSA", value:"3739");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/06/02");

  script_name(english:"Debian DSA-3739-1 : tomcat8 - security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
  script_set_attribute(attribute:"description", value:
"Multiple security vulnerabilities were discovered in the Tomcat
servlet and JSP engine, as well as in its Debian-specific maintainer
scripts. Those flaws allowed for privilege escalation, information
disclosure, and remote code execution.

As part of this update, several regressions stemming from incomplete
fixes for previous vulnerabilities were also fixed.");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802312");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845385");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845393");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/jessie/tomcat8");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2016/dsa-3739");
  script_set_attribute(attribute:"solution", value:
"Upgrade the tomcat8 packages.

For the stable distribution (jessie), these problems have been fixed
in version 8.0.14-1+deb8u5.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/12/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tomcat8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"8.0", prefix:"libservlet3.1-java", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"libservlet3.1-java-doc", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"libtomcat8-java", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8-admin", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8-common", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8-docs", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8-examples", reference:"8.0.14-1+deb8u5")) flag++;
if (deb_check(release:"8.0", prefix:"tomcat8-user", reference:"8.0.14-1+deb8u5")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxtomcat8p-cpe:/a:debian:debian_linux:tomcat8
debiandebian_linux8.0cpe:/o:debian:debian_linux:8.0

Related

debian 9
openvas 33
nessus 40
ibm 24
freebsd 1
amazon 4
fedora 3
archlinux 1
tomcat 5
mageia 1
ubuntu 3
osv 11
debiancve 5
prion 5
ubuntucve 5
cve 5
f5 5
checkpoint_advisories 1
exploitpack 1
github 2
redhatcve 2
packetstorm 1
seebug 2
zdt 1
veracode 2
exploitdb 1
suse 6
cisa_kev 1
attackerkb 1
redhat 10
oraclelinux 2
centos 2
pentestit 1
kitploit 1
atlassian 2
debian
debian
[SECURITY] [DSA 3738-1] tomcat7 security update
2016-12-18 09:12:10
[SECURITY] [DSA 3738-1] tomcat7 security update
2016-12-18 09:12:10
[SECURITY] [DSA 3739-1] tomcat8 security update
2016-12-18 09:12:31
openvas
openvas
Debian Security Advisory DSA 3738-1 (tomcat7 - security update)
2016-12-18 00:00:00
Debian: Security Advisory (DSA-3739-1)
2016-12-17 00:00:00
Debian: Security Advisory (DSA-3738-1)
2016-12-17 00:00:00
nessus
nessus
Debian DSA-3738-1 : tomcat7 - security update
2016-12-20 00:00:00
Amazon Linux AMI : tomcat6 (ALAS-2016-776)
2016-12-16 00:00:00
Amazon Linux AMI : tomcat7 (ALAS-2016-777)
2016-12-16 00:00:00
ibm
ibm
Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2016-8735, CVE-2016-6816)
2019-11-18 13:57:34
Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight (CVE-2016-6816, CVE-2016-8735)
2018-06-17 05:19:05
Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release
2018-06-17 22:33:29
freebsd
freebsd
tomcat -- multiple vulnerabilities
2016-11-22 00:00:00
amazon
amazon
Important: tomcat6
2016-12-15 00:41:00
Important: tomcat8
2016-12-15 00:50:00
Important: tomcat7
2016-12-15 00:48:00
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.39-1.fc25
2016-12-14 21:31:31
[SECURITY] Fedora 24 Update: tomcat-8.0.39-1.fc24
2016-12-14 22:57:34
[SECURITY] Fedora 23 Update: tomcat-8.0.39-1.fc23
2016-12-15 01:21:03
archlinux
archlinux
[ASA-201611-22] tomcat6: multiple issues
2016-11-23 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 6.0.48
2016-11-15 00:00:00
Fixed in Apache Tomcat 8.0.39
2016-11-14 00:00:00
Fixed in Apache Tomcat 7.0.73
2016-11-14 00:00:00
mageia
mageia
Updated tomcat package fixes security vulnerabilities
2016-12-12 01:44:05
ubuntu
ubuntu
Tomcat regression
2017-02-02 00:00:00
Tomcat vulnerabilities
2017-01-23 00:00:00
Tomcat vulnerabilities
2020-09-30 00:00:00
osv
osv
tomcat6 - security update
2016-12-01 00:00:00
tomcat7 - security update
2016-12-01 00:00:00
CVE-2016-9774
2017-03-23 16:59:00
debiancve
debiancve
CVE-2016-9774
2017-03-23 16:59:00
CVE-2016-9775
2017-03-23 16:59:00
CVE-2016-6816
2017-03-20 18:59:00
prion
prion
Directory traversal
2017-03-23 16:59:00
Design/Logic Flaw
2017-03-23 16:59:00
Design/Logic Flaw
2017-03-20 18:59:00
ubuntucve
ubuntucve
CVE-2016-9774
2016-12-02 00:00:00
CVE-2016-9775
2016-12-02 00:00:00
CVE-2016-6816
2016-11-23 00:00:00
cve
cve
CVE-2016-9774
2017-03-23 16:59:00
CVE-2016-9775
2017-03-23 16:59:00
CVE-2016-6816
2017-03-20 18:59:00
f5
f5
SOL49820145 - Apache Tomcat vulnerability CVE-2016-8735
2016-12-01 00:00:00
SOL50116122 - Apache Tomcat vulnerability CVE-2016-6816
2016-12-01 00:00:00
K50116122 : Apache Tomcat vulnerability CVE-2016-6816
2016-12-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Remote Code Execution (CVE-2016-8735)
2020-03-27 00:00:00
exploitpack
exploitpack
Apache Tomcat 6789 - Information Disclosure
2017-04-04 00:00:00
github
github
Improper Input Validation in Apache Tomcat
2022-05-13 01:14:53
Apache Tomcat Improper Access Control vulnerability
2022-05-13 01:14:52
redhatcve
redhatcve
CVE-2016-6816
2021-07-11 07:51:46
CVE-2016-8735
2021-01-03 18:49:05
packetstorm
packetstorm
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
2017-04-04 00:00:00
seebug
seebug
Apache Tomcat information disclosure Vulnerability, CVE-2016-6816)
2017-02-13 00:00:00
Apache Tomcat Remote Code Execution(CVE-2016-8735)
2016-11-25 00:00:00
zdt
zdt
Apache Tomcat 6/7/8/9 - Information Disclosure Vulnerability
2017-04-03 00:00:00
veracode
veracode
Cross-site Scripting (XSS) Or Information Disclosure
2019-01-15 09:15:22
Denial Of Service (DoS) Via Infinite Loop
2017-02-22 02:23:40
exploitdb
exploitdb
Apache Tomcat 6/7/8/9 - Information Disclosure
2017-04-04 00:00:00
suse
suse
Security update for tomcat (important)
2016-12-14 01:28:16
Security update for tomcat (important)
2016-12-10 23:11:58
Security update for tomcat (important)
2016-12-14 01:14:48
cisa_kev
cisa_kev
Apache Tomcat Remote Code Execution Vulnerability
2023-05-12 00:00:00
attackerkb
attackerkb
CVE-2016-8735
2017-04-06 00:00:00
redhat
redhat
(RHSA-2017:0935) Moderate: tomcat security update
2017-04-12 13:36:04
(RHSA-2017:0527) Moderate: tomcat6 security update
2017-03-15 12:06:21
(RHSA-2017:0250) Important: jboss-ec2-eap security, bug fix, and enhancement update
2017-02-02 20:54:34
oraclelinux
oraclelinux
tomcat6 security update
2017-03-15 00:00:00
tomcat security update
2017-04-12 00:00:00
centos
centos
tomcat security update
2017-04-13 11:00:11
tomcat6 security update
2017-03-17 14:19:39
pentestit
pentestit
JexBoss: Java Deserialization Verification & EXploitation Tool!
2017-08-11 06:52:45
kitploit
kitploit
JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool
2017-12-18 21:12:00
atlassian
atlassian
Update bundled Apache Tomcat due to security vulnerabilities
2017-04-17 08:48:35
Update bundled Apache Tomcat due to security vulnerabilities
2017-04-17 08:48:35
JSON
Related for DEBIAN_DSA-3739.NASL
debian9openvas33nessus40ibm24freebsd1amazon4fedora3archlinux1tomcat5mageia1ubuntu3osv11debiancve5prion5ubuntucve5cve5f55checkpoint_advisories1exploitpack1github2redhatcve2packetstorm1seebug2zdt1veracode2exploitdb1suse6cisa_kev1attackerkb1redhat10oraclelinux2centos2pentestit1kitploit1atlassian2