DATABASE RESOURCES PRICING ABOUT US

{"id": "SL_20090723_TOMCAT_ON_SL5_X.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : tomcat on SL5.x i386/x86_64", "description": "It was discovered that a prior security errata for Tomcat version tomcat5-5.5.23-0jpp.3.0.2.el5 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: with this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the '/etc/tomcat5/catalina.properties' file :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)", "published": "2012-08-01T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/60621", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033", "http://www.nessus.org/u?ebb27b84"], "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "immutableFields": [], "lastseen": "2023-05-18T14:27:15", "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["EFEDE8C559EE69E7C6E80B70E0A41227", "F4457D571C8377FC24A3BA6F6AED564A"]}, {"type": "centos", "idList": ["CESA-2009:1164", "CESA-2010:0580"]}, {"type": "cve", "idList": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-2696", "CVE-2011-2481"]}, {"type": "d2", "idList": ["D2SEC_TOMCAT_ENUMUSER"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2207-1:6DF41"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2481"]}, {"type": "fedora", "idList": ["FEDORA:6A09010FBB7", "FEDORA:7CE4B10F808", "FEDORA:8039610F85F", "FEDORA:E07C610F808", "FEDORA:EC5A9208DCA", "FEDORA:M1D4RW3M004324", "FEDORA:M1D5DC2X006390"]}, {"type": "gentoo", "idList": ["GLSA-200804-10", "GLSA-201206-24"]}, {"type": "github", "idList": ["GHSA-9737-QMGC-HFR9", "GHSA-CWW4-VJ5R-RX57", "GHSA-HHJG-G8XQ-HHR3", "GHSA-J788-FX57-99WP", "GHSA-R7C8-HGHC-2MP8", "GHSA-W227-XCFX-3PJ8"]}, {"type": "ibm", "idList": ["2D7C485C705EF6647EC2ADDB5048FDAE46343DAD18C74DA4CF56006EB314660D"]}, {"type": "jvn", "idList": ["JVN:09470767", "JVN:63832775", "JVN:87272440"]}, {"type": "nessus", "idList": ["4368.PASL", "4501.PRM", "5044.PASL", "CENTOS_RHSA-2009-1164.NASL", "CENTOS_RHSA-2010-0580.NASL", "DEBIAN_DSA-2207.NASL", "FEDORA_2008-1467.NASL", "FEDORA_2008-1603.NASL", "FEDORA_2008-8130.NASL", "FEDORA_2009-11352.NASL", "FEDORA_2009-11356.NASL", "FEDORA_2009-11374.NASL", "GENTOO_GLSA-200804-10.NASL", "GENTOO_GLSA-201206-24.NASL", "MACOSX_10_5_4.NASL", "MACOSX_10_6_3.NASL", "MACOSX_SECUPD2008-004.NASL", "MACOSX_SECUPD2008-007.NASL", "MACOSX_SECUPD2010-002.NASL", "MANDRIVA_MDVSA-2009-018.NASL", "MANDRIVA_MDVSA-2009-136.NASL", "MANDRIVA_MDVSA-2009-138.NASL", "MANDRIVA_MDVSA-2010-176.NASL", "ORACLELINUX_ELSA-2009-1164.NASL", "ORACLELINUX_ELSA-2010-0580.NASL", "REDHAT-RHSA-2009-1143.NASL", "REDHAT-RHSA-2009-1144.NASL", "REDHAT-RHSA-2009-1145.NASL", "REDHAT-RHSA-2009-1146.NASL", "REDHAT-RHSA-2009-1164.NASL", "REDHAT-RHSA-2009-1616.NASL", "REDHAT-RHSA-2009-1617.NASL", "REDHAT-RHSA-2010-0580.NASL", "SL_20100802_TOMCAT5_ON_SL5_X.NASL", "SUSE9_12460.NASL", "SUSE9_12585.NASL", "SUSE_11_0_TOMCAT6-090613.NASL", "SUSE_11_0_TOMCAT6-100216.NASL", "SUSE_11_1_TOMCAT6-090613.NASL", "SUSE_11_1_TOMCAT6-100211.NASL", "SUSE_11_2_TOMCAT6-100210.NASL", "SUSE_11_WEBSPHERE-AS_CE-090619.NASL", "SUSE_11_WEBSPHERE-AS_CE-090620.NASL", "SUSE_TOMCAT5-6352.NASL", "SUSE_TOMCAT55-6369.NASL", "SUSE_WEBSPHERE-AS_CE-5850.NASL", "SUSE_WEBSPHERE-AS_CE-6312.NASL", "TOMCAT_4_1_37.NASL", "TOMCAT_5_5_26.NASL", "TOMCAT_6_0_16.NASL", "TOMCAT_FORM_USER_ENUM.NASL", "TOMCAT_REQUESTDISPATCHER_DIR_TRAVERSAL.NASL", "TOMCAT_SAMPLE_CAL2_XSS2.NASL", "TOMCAT_XML_PARSER.NASL", "UBUNTU_USN-788-1.NASL", "VMWARE_VMSA-2008-00010.NASL", "VMWARE_VMSA-2008-0010.NASL", "VMWARE_VMSA-2009-0016.NASL", "VMWARE_VMSA-2009-0016_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:102025", "OPENVAS:102032", "OPENVAS:102039", "OPENVAS:1361412562310102025", "OPENVAS:1361412562310102032", "OPENVAS:1361412562310102039", "OPENVAS:1361412562310122466", "OPENVAS:136141256231063205", "OPENVAS:136141256231063412", "OPENVAS:136141256231064283", "OPENVAS:136141256231064284", "OPENVAS:136141256231064360", "OPENVAS:136141256231064452", "OPENVAS:136141256231064496", "OPENVAS:136141256231064582", "OPENVAS:136141256231064643", "OPENVAS:136141256231065047", "OPENVAS:136141256231065685", "OPENVAS:136141256231065766", "OPENVAS:136141256231065836", "OPENVAS:136141256231065877", "OPENVAS:136141256231066182", "OPENVAS:136141256231066183", "OPENVAS:136141256231066326", "OPENVAS:136141256231066329", "OPENVAS:136141256231066330", "OPENVAS:136141256231069417", "OPENVAS:136141256231071550", "OPENVAS:1361412562310800372", "OPENVAS:1361412562310800813", "OPENVAS:1361412562310831148", "OPENVAS:1361412562310835223", "OPENVAS:1361412562310835243", "OPENVAS:1361412562310862500", "OPENVAS:1361412562310870302", "OPENVAS:1361412562310880632", "OPENVAS:1361412562310880716", "OPENVAS:60810", "OPENVAS:63205", "OPENVAS:63412", "OPENVAS:64262", "OPENVAS:64283", "OPENVAS:64284", "OPENVAS:64318", "OPENVAS:64360", "OPENVAS:64452", "OPENVAS:64496", "OPENVAS:64582", "OPENVAS:64643", "OPENVAS:65047", "OPENVAS:65685", "OPENVAS:65766", "OPENVAS:65836", "OPENVAS:65877", "OPENVAS:66182", "OPENVAS:66183", "OPENVAS:66326", "OPENVAS:66329", "OPENVAS:66330", "OPENVAS:69417", "OPENVAS:71550", "OPENVAS:831148", "OPENVAS:835223", "OPENVAS:835243", "OPENVAS:860345", "OPENVAS:860400", "OPENVAS:860524", "OPENVAS:862500", "OPENVAS:870302", "OPENVAS:880632", "OPENVAS:880716"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1164"]}, {"type": "osv", "idList": ["OSV:DSA-2207-1", "OSV:GHSA-9737-QMGC-HFR9", "OSV:GHSA-CWW4-VJ5R-RX57", "OSV:GHSA-HHJG-G8XQ-HHR3", "OSV:GHSA-J788-FX57-99WP", "OSV:GHSA-R7C8-HGHC-2MP8", "OSV:GHSA-W227-XCFX-3PJ8"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:75474", "PACKETSTORM:78169"]}, {"type": "redhat", "idList": ["RHSA-2009:1145", "RHSA-2009:1164", "RHSA-2009:1454", "RHSA-2009:1506", "RHSA-2009:1562", "RHSA-2009:1563", "RHSA-2009:1616", "RHSA-2009:1617", "RHSA-2010:0580"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21440", "SECURITYVULNS:DOC:21954", "SECURITYVULNS:DOC:21955", "SECURITYVULNS:DOC:21956", "SECURITYVULNS:DOC:21957", "SECURITYVULNS:DOC:21969", "SECURITYVULNS:DOC:22019", "SECURITYVULNS:DOC:23892", "SECURITYVULNS:DOC:29650", "SECURITYVULNS:VULN:10852", "SECURITYVULNS:VULN:13207", "SECURITYVULNS:VULN:9717", "SECURITYVULNS:VULN:9965"]}, {"type": "seebug", "idList": ["SSV:11529", "SSV:11533", "SSV:11562"]}, {"type": "threatpost", "idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"]}, {"type": "tomcat", "idList": ["TOMCAT:3008DCC76D1D9E4F8A16396F620908CF", "TOMCAT:65DF1688E1F40EE0325BE31BC13EB777", "TOMCAT:714BD411598C43D1A796F94A13DB52B8", "TOMCAT:B5460923270358EAE8BBCD35A7CF1F2D", "TOMCAT:EA3D2D7C5F724461ADF487B3F1B37FFE", "TOMCAT:EE775FB0489C8488CCA412D4F1D7F36E", "TOMCAT:FFCE0EAF6F002169ADD22518F9756629"]}, {"type": "ubuntu", "idList": ["USN-788-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-5333", "UB:CVE-2008-5515", "UB:CVE-2009-0033", "UB:CVE-2009-0580", "UB:CVE-2009-0781", "UB:CVE-2009-0783", "UB:CVE-2011-2481"]}, {"type": "veracode", "idList": ["VERACODE:13520", "VERACODE:20724", "VERACODE:24125", "VERACODE:7713", "VERACODE:7715", "VERACODE:7751", "VERACODE:7868"]}, {"type": "vmware", "idList": ["VMSA-2008-0010", "VMSA-2008-0010.3", "VMSA-2009-0016", "VMSA-2009-0016.6"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:1164", "CESA-2010:0580"]}, {"type": "cve", "idList": ["CVE-2007-5333"]}, {"type": "d2", "idList": ["D2SEC_TOMCAT_ENUMUSER"]}, {"type": "fedora", "idList": ["FEDORA:EC5A9208DCA"]}, {"type": "gentoo", "idList": ["GLSA-200804-10"]}, {"type": "jvn", "idList": ["JVN:09470767"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/TOMCAT_ENUM"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2010-176.NASL", "REDHAT-RHSA-2009-1145.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310102032", "OPENVAS:1361412562310862500", "OPENVAS:1361412562310880632", "OPENVAS:65877", "OPENVAS:69417", "OPENVAS:835223"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1164"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:75474"]}, {"type": "redhat", "idList": ["RHSA-2009:1145", "RHSA-2009:1164", "RHSA-2009:1454", "RHSA-2009:1506", "RHSA-2010:0580"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13207"]}, {"type": "seebug", "idList": ["SSV:11529"]}, {"type": "tomcat", "idList": ["TOMCAT:FFCE0EAF6F002169ADD22518F9756629"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0580"]}, {"type": "vmware", "idList": ["VMSA-2008-0010.3"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-5333", "epss": 0.02354, "percentile": 0.88174, "modified": "2023-05-06"}, {"cve": "CVE-2008-5515", "epss": 0.00302, "percentile": 0.65076, "modified": "2023-05-06"}, {"cve": "CVE-2009-0033", "epss": 0.00947, "percentile": 0.8089, "modified": "2023-05-06"}, {"cve": "CVE-2009-0580", "epss": 0.97133, "percentile": 0.99636, "modified": "2023-05-06"}, {"cve": "CVE-2009-0781", "epss": 0.02142, "percentile": 0.87573, "modified": "2023-05-06"}, {"cve": "CVE-2009-0783", "epss": 0.00048, "percentile": 0.14973, "modified": "2023-05-06"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1684423147, "score": 1684425491, "epss": 0}, "_internal": {"score_hash": "688866fd54360b401676fa3d46242e42"}, "pluginID": "60621", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60621);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"Scientific Linux Security Update : tomcat on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a prior security errata for Tomcat version\ntomcat5-5.5.23-0jpp.3.0.2.el5 did not address all possible flaws in\nthe way Tomcat handles certain characters and character sequences in\ncookie values. A remote attacker could use this flaw to obtain\nsensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to\nversion 1 cookies. To reactivate the previous, but insecure behavior,\nadd the following entry to the '/etc/tomcat5/catalina.properties' \nfile :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications running on Tomcat when\nFORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this\nflaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=1780\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ebb27b84\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "solution": "Update the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vendor_cvss2": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "vendor_cvss3": {"score": 4.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"}, "vpr": {"risk factor": "Medium", "score": "6.2"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": ["CANVAS(D2ExploitPack)"]}

{"openvas": [{"lastseen": "2018-04-06T11:40:05", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1164.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1164", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064452", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064452", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1164.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1164 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1164.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64452\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1164\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1164.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:53", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1562.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1562", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066182", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066182", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1562.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1562 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1562.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66182\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1562\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1562.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-14T18:59:52", "description": "Oracle Linux Local Security Checks ELSA-2009-1164", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1164", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310122466", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122466", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122466\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:57 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1164\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1164 - tomcat security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1164\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1164.html\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2009:1164 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880716", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880716", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat5 CESA-2009:1164 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-July/016048.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880716\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2009:1164\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_name(\"CentOS Update for tomcat5 CESA-2009:1164 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"tomcat5 on CentOS 5\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\n address all possible flaws in the way Tomcat handles certain characters and\n character sequences in cookie values. A remote attacker could use this flaw\n to obtain sensitive information, such as session IDs, and then use this\n information for session hijacking attacks. (CVE-2007-5333)\n\n Note: The fix for the CVE-2007-5333 flaw changes the default cookie\n processing behavior: with this update, version 0 cookies that contain\n values that must be quoted to be valid are automatically changed to version\n 1 cookies. To reactivate the previous, but insecure behavior, add the\n following entry to the '/etc/tomcat5/catalina.properties' file:\n\n org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\n It was discovered that request dispatchers did not properly normalize user\n requests that have trailing query strings, allowing remote attackers to\n send specially-crafted requests that would cause an information leak.\n (CVE-2008-5515)\n\n A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\n connector processes AJP connections. An attacker could use this flaw to\n send specially-crafted requests that would cause a temporary denial of\n service. (CVE-2009-0033)\n\n It was discovered that the error checking methods of certain authentication\n classes did not have sufficient error checking, allowing remote attackers\n to enumerate (via brute force methods) usernames registered with\n applications running on Tomcat when FORM-based authentication was used.\n (CVE-2009-0580)\n\n A cross-site scripting (XSS) flaw was found in the examples calendar\n application. With some web browsers, remote attackers could use this flaw\n to inject arbitrary web script or HTML via the 'time' parameter.\n (CVE-2009-0781)\n\n It was discovered that web applications containing their own XML parsers\n could replace the XML parser Tomcat uses to parse configuration files. A\n malicious web application running on a Tomcat instance could read or,\n potentially, modify the configuration and XML-based data of other web\n applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-27T10:56:13", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1562.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1562", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66182", "href": "http://plugins.openvas.org/nasl.php?oid=66182", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1562.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1562 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1562.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66182);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1562\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1562.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp_4rh.16\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:47", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2009:1164 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880716", "href": "http://plugins.openvas.org/nasl.php?oid=880716", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat5 CESA-2009:1164 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\n address all possible flaws in the way Tomcat handles certain characters and\n character sequences in cookie values. A remote attacker could use this flaw\n to obtain sensitive information, such as session IDs, and then use this\n information for session hijacking attacks. (CVE-2007-5333)\n\n Note: The fix for the CVE-2007-5333 flaw changes the default cookie\n processing behavior: with this update, version 0 cookies that contain\n values that must be quoted to be valid are automatically changed to version\n 1 cookies. To reactivate the previous, but insecure behavior, add the\n following entry to the &quot;/etc/tomcat5/catalina.properties&quot; file:\n\n org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\n It was discovered that request dispatchers did not properly normalize user\n requests that have trailing query strings, allowing remote attackers to\n send specially-crafted requests that would cause an information leak.\n (CVE-2008-5515)\n\n A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\n connector processes AJP connections. An attacker could use this flaw to\n send specially-crafted requests that would cause a temporary denial of\n service. (CVE-2009-0033)\n\n It was discovered that the error checking methods of certain authentication\n classes did not have sufficient error checking, allowing remote attackers\n to enumerate (via brute force methods) usernames registered with\n applications running on Tomcat when FORM-based authentication was used.\n (CVE-2009-0580)\n\n A cross-site scripting (XSS) flaw was found in the examples calendar\n application. With some web browsers, remote attackers could use this flaw\n to inject arbitrary web script or HTML via the &quot;time&quot; parameter.\n (CVE-2009-0781)\n\n It was discovered that web applications containing their own XML parsers\n could replace the XML parser Tomcat uses to parse configuration files. A\n malicious web application running on a Tomcat instance could read or,\n potentially, modify the configuration and XML-based data of other web\n applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat5 on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-July/016048.html\");\n script_id(880716);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2009:1164\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_name(\"CentOS Update for tomcat5 CESA-2009:1164 centos5 i386\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:38", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1164.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1164", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64452", "href": "http://plugins.openvas.org/nasl.php?oid=64452", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1164.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1164 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1164.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the time parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64452);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1164\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1164.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:29", "description": "The remote host is missing updates to tomcat announced in\nadvisory CESA-2009:1164.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1164 (tomcat)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064582", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064582", "sourceData": "#CESA-2009:1164 64582 2\n# $Id: ovcesa2009_1164.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1164 (tomcat)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1164\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1164\";\ntag_summary = \"The remote host is missing updates to tomcat announced in\nadvisory CESA-2009:1164.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64582\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Security Advisory CESA-2009:1164 (tomcat)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "The remote host is missing updates to tomcat announced in\nadvisory CESA-2009:1164.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1164 (tomcat)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64582", "href": "http://plugins.openvas.org/nasl.php?oid=64582", "sourceData": "#CESA-2009:1164 64582 2\n# $Id: ovcesa2009_1164.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1164 (tomcat)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1164\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1164\";\ntag_summary = \"The remote host is missing updates to tomcat announced in\nadvisory CESA-2009:1164.\";\n\n\n\nif(description)\n{\n script_id(64582);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Security Advisory CESA-2009:1164 (tomcat)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_3.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:15", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1563.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1563", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066183", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066183", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1563.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1563 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1563.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66183\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1563\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1563.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:38", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1563.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1563", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66183", "href": "http://plugins.openvas.org/nasl.php?oid=66183", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1563.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1563 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1563.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the /etc/tomcat5/catalina.properties file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66183);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:1563\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1563.html\");\n script_xref(name : \"URL\" , value : \"http://tomcat.apache.org/security-5.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp_18rh\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:07", "description": "Check for the Version of Tomcat Servlet Engine", "cvss3": {}, "published": "2009-10-22T00:00:00", "type": "openvas", "title": "HP-UX Update for Tomcat Servlet Engine HPSBUX02466", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310835223", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835223", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Tomcat Servlet Engine HPSBUX02466\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized access\";\ntag_affected = \"Tomcat Servlet Engine on\n HP-UX B.11.11, B.11.23 and B.11.31 running Tomcat-based Servlet Engine\n v5.5.27.02 or earlier\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running\n Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely\n to cause a Denial of Service (DoS) or unauthorized access. Tomcat-based\n Servlet Engine is contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01908935-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835223\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-22 15:43:41 +0200 (Thu, 22 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"HPSBUX\", value: \"02466\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_name(\"HP-UX Update for Tomcat Servlet Engine HPSBUX02466\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Tomcat Servlet Engine\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:50", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:136.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:136 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064283", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064283", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_136.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:136 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for\n2009.0.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:136\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:136.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64283\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:136 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:28", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:163.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:163 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064496", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064496", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_163.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:163 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for MES5.\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:163\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:163.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64496\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:163 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:31", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11374.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11374 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066326", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066326", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11374.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11374 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11374\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11374.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66326\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 11 FEDORA-2009-11374 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:22", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:138.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:138 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064284", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064284", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_138.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:138 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for\n2009.0.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:138\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:138.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64284\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:138 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:46", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Tomcat 5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65877", "href": "http://plugins.openvas.org/nasl.php?oid=65877", "sourceData": "#\n#VID slesp2-tomcat5-6352\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Tomcat 5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65877);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for Tomcat 5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:54", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Tomcat 5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065877", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065877", "sourceData": "#\n#VID slesp2-tomcat5-6352\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Tomcat 5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65877\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for Tomcat 5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.0.30~27.40\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:07", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11374.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11374 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66326", "href": "http://plugins.openvas.org/nasl.php?oid=66326", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11374.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11374 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11374\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11374.\";\n\n\n\nif(description)\n{\n script_id(66326);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 11 FEDORA-2009-11374 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:05", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11352.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-11352 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66329", "href": "http://plugins.openvas.org/nasl.php?oid=66329", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11352.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11352 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11352\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11352.\";\n\n\n\nif(description)\n{\n script_id(66329);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 12 FEDORA-2009-11352 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:20", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11356.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11356 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66330", "href": "http://plugins.openvas.org/nasl.php?oid=66330", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11356.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11356 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11356\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11356.\";\n\n\n\nif(description)\n{\n script_id(66330);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 10 FEDORA-2009-11356 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:23", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11352.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-11352 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066329", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066329", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11352.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11352 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11352\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11352.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66329\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 12 FEDORA-2009-11352 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:21", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n jakarta-tomcat-examples\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat-doc\n jakarta-tomcat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5055024 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Tomcat", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65047", "href": "http://plugins.openvas.org/nasl.php?oid=65047", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5055024.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Tomcat\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n jakarta-tomcat-examples\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat-doc\n jakarta-tomcat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5055024 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65047);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES9: Security update for Tomcat\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"jakarta-tomcat-examples\", rpm:\"jakarta-tomcat-examples~5.0.19~29.23\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:57", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:136.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:136 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64283", "href": "http://plugins.openvas.org/nasl.php?oid=64283", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_136.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:136 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for\n2009.0.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:136\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:136.\";\n\n \n\nif(description)\n{\n script_id(64283);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:136 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:10", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:163.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:163 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64496", "href": "http://plugins.openvas.org/nasl.php?oid=64496", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_163.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:163 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for MES5.\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:163\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:163.\";\n\n \n\nif(description)\n{\n script_id(64496);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:163 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-02T13:17:35", "description": "The remote host is missing an update to tomcat6\nannounced via advisory USN-788-1.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "Ubuntu USN-788-1 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-02-01T00:00:00", "id": "OPENVAS:64262", "href": "http://plugins.openvas.org/nasl.php?oid=64262", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_788_1.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# $Id: ubuntu_788_1.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# Description: Auto-generated from advisory USN-788-1 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.10:\n libtomcat6-java 6.0.18-0ubuntu3.2\n tomcat6-examples 6.0.18-0ubuntu3.2\n\nUbuntu 9.04:\n libtomcat6-java 6.0.18-0ubuntu6.1\n tomcat6-examples 6.0.18-0ubuntu6.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-788-1\";\n\ntag_insight = \"Iida Minehiko discovered that Tomcat did not properly normalise paths. A\nremote attacker could send specially crafted requests to the server and\nbypass security restrictions, gaining access to sensitive content.\n(CVE-2008-5515)\n\nYoshihito Fukuyama discovered that Tomcat did not properly handle errors\nwhen the Java AJP connector and mod_jk load balancing are used. A remote\nattacker could send specially crafted requests containing invalid headers\nto the server and cause a temporary denial of service. (CVE-2009-0033)\n\nD. Matscheko and T. Hackner discovered that Tomcat did not properly handle\nmalformed URL encoding of passwords when FORM authentication is used. A\nremote attacker could exploit this in order to enumerate valid usernames.\n(CVE-2009-0580)\n\nDeniz Cevik discovered that Tomcat did not properly escape certain\nparameters in the example calendar application which could result in\nbrowsers becoming vulnerable to cross-site scripting attacks when\nprocessing the output. With cross-site scripting vulnerabilities, if a user\nwere tricked into viewing server output during a crafted server request, a\nremote attacker could exploit this to modify the contents, or steal\nconfidential data (such as passwords), within the same domain.\n(CVE-2009-0781)\n\nPhilippe Prados discovered that Tomcat allowed web applications to replace\nthe XML parser used by other web applications. Local users could exploit\nthis to bypass security restrictions and gain access to certain sensitive\nfiles. (CVE-2009-0783)\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory USN-788-1.\";\n\n \n\n\nif(description)\n{\n script_id(64262);\n script_version(\"$Revision: 8616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-01 09:24:13 +0100 (Thu, 01 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu USN-788-1 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-788-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.18-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java-doc\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet2.5-java\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-admin\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-common\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-docs\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-examples\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6-user\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat6\", ver:\"6.0.18-0ubuntu6.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(port:0, data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:03", "description": "The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11356.", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11356 (tomcat6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066330", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066330", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11356.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11356 (tomcat6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and\nCVE-2009-0783.\n\nChangeLog:\n\n* Mon Nov 9 2009 Alexander Kurtakov 0:6.0.20-1\n- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat6' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11356\";\ntag_summary = \"The remote host is missing an update to tomcat6\nannounced via advisory FEDORA-2009-11356.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66330\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Core 10 FEDORA-2009-11356 (tomcat6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533903\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-admin-webapps\", rpm:\"tomcat6-admin-webapps~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-docs-webapp\", rpm:\"tomcat6-docs-webapp~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-javadoc\", rpm:\"tomcat6-javadoc~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-jsp-2.1\", rpm:\"tomcat6-jsp-2.1~api~6.0.20\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-lib\", rpm:\"tomcat6-lib~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-servlet-2.5\", rpm:\"tomcat6-servlet-2.5~api~6.0.20\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat6-webapps\", rpm:\"tomcat6-webapps~6.0.20~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:00", "description": "Check for the Version of Tomcat Servlet Engine", "cvss3": {}, "published": "2009-10-22T00:00:00", "type": "openvas", "title": "HP-UX Update for Tomcat Servlet Engine HPSBUX02466", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835223", "href": "http://plugins.openvas.org/nasl.php?oid=835223", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Tomcat Servlet Engine HPSBUX02466\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized access\";\ntag_affected = \"Tomcat Servlet Engine on\n HP-UX B.11.11, B.11.23 and B.11.31 running Tomcat-based Servlet Engine\n v5.5.27.02 or earlier\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running\n Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely\n to cause a Denial of Service (DoS) or unauthorized access. Tomcat-based\n Servlet Engine is contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01908935-1\");\n script_id(835223);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-22 15:43:41 +0200 (Thu, 22 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"HPSBUX\", value: \"02466\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_name(\"HP-UX Update for Tomcat Servlet Engine HPSBUX02466\");\n\n script_summary(\"Check for the Version of Tomcat Servlet Engine\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.5.5.27.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:08", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:138.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:138 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64284", "href": "http://plugins.openvas.org/nasl.php?oid=64284", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_138.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:138 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security vulnerabilities has been identified and fixed\nin tomcat5:\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n6.0.18, and possibly earlier versions normalizes the target pathname\nbefore filtering the query string when using the RequestDispatcher\nmethod, which allows remote attackers to bypass intended access\nrestrictions and conduct directory traversal attacks via .. (dot dot)\nsequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n6.0.0 through 6.0.18, when FORM authentication is used, allows\nremote attackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering protection\nineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than\nthe target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for\n2009.0.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:138\nhttp://tomcat.apache.org/security-5.html\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:138.\";\n\n \n\nif(description)\n{\n script_id(64284);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:138 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.27~0.3.0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:41", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n jakarta-tomcat-examples\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat-doc\n jakarta-tomcat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5055024 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Tomcat", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065047", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065047", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5055024.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Tomcat\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n jakarta-tomcat-examples\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat-doc\n jakarta-tomcat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5055024 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65047\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES9: Security update for Tomcat\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"jakarta-tomcat-examples\", rpm:\"jakarta-tomcat-examples~5.0.19~29.23\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:21", "description": "This host is running Apache Tomcat Server and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-06-16T00:00:00", "type": "openvas", "title": "Apache Tomcat Multiple Vulnerabilities - Jun09", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310800813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800813", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Multiple Vulnerabilities - Jun09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800813\");\n script_version(\"2019-05-10T11:41:35+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 11:41:35 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2009-06-16 15:11:01 +0200 (Tue, 16 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\", \"CVE-2008-5515\");\n script_bugtraq_id(35193, 35196);\n script_name(\"Apache Tomcat Multiple Vulnerabilities - Jun09\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-5.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-4.html\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id?1022336\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2009/1496\");\n script_xref(name:\"URL\", value:\"http://svn.apache.org/viewvc?view=rev&revision=781708\");\n\n script_tag(name:\"impact\", value:\"Successful attempt could lead to remote code execution and attacker can gain\n the full permission on affected file, and can cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat version 6.0.0 to 6.0.18\n\n Apache Tomcat version 5.5.0 to 5.5.27\n\n Apache Tomcat version 4.1.0 to 4.1.39\");\n\n script_tag(name:\"insight\", value:\"Multiple flows are due to,\n\n - Error in 'XML parser' used for other web applications, which allows local users to\n read or modify the web.xml, context.xml, or tld files via a crafted application\n that is loaded earlier than the target application.\n\n - when FORM authentication is used, cause enumerate valid usernames via requests\n to /j_security_check with malformed URL encoding of passwords, related to\n improper error checking in the MemoryRealm, DataSourceRealm, and JDBCRealm\n authentication realms, as demonstrated by a % (percent) value for the j_password parameter.\n\n - when the 'Java AJP connector' and 'mod_jk load balancing' are used, via a\n crafted request with invalid headers, related to temporary blocking of\n connectors that have encountered errors, as demonstrated by an error\n involving a malformed HTTP Host header.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache Tomcat version 4.1.40, or 5.5.28, or 6.0.20 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is running Apache Tomcat Server and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif( version_in_range( version:vers, test_version:\"4.1.0\", test_version2:\"4.1.39\" ) ||\n version_in_range( version:vers, test_version:\"5.5.0\", test_version2:\"5.5.27\" ) ||\n version_in_range( version:vers, test_version:\"6.0.0\", test_version2:\"6.0.18\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"4.1.40/5.5.28/6.0.20\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the Apache Running Tomcat Servlet Engine package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-01-04T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783"], "modified": "2018-10-04T00:00:00", "id": "OPENVAS:1361412562310835243", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835243", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02579.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02515878\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835243\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-04 15:48:51 +0100 (Tue, 04 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"HPSBUX\", value:\"02579\");\n script_cve_id(\"CVE-2010-2227\", \"CVE-2010-1157\", \"CVE-2009-0783\", \"CVE-2009-0781\", \"CVE-2009-0580\", \"CVE-2009-0033\", \"CVE-2008-5515\");\n script_name(\"HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Apache Running Tomcat Servlet Engine package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23)\");\n\n script_tag(name:\"impact\", value:\"Remote information disclosure\");\n\n script_tag(name:\"affected\", value:\"Apache Running Tomcat Servlet Engine on HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.12 or\n earlier\");\n\n script_tag(name:\"insight\", value:\"Potential security vulnerabilities have been identified with HP-UX Apache\n Running Tomcat Servlet Engine. These vulnerabilities could be exploited\n remotely to disclose information, allows unauthorized modification, or\n create a Denial of Service (DoS). The Tomcat-based Servlet Engine is\n contained in the HP-UX Apache Web Server Suite.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.30.01\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.30.01\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:35", "description": "Check for the Version of Apache Running Tomcat Servlet Engine", "cvss3": {}, "published": "2011-01-04T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835243", "href": "http://plugins.openvas.org/nasl.php?oid=835243", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote information disclosure\";\ntag_affected = \"Apache Running Tomcat Servlet Engine on\n HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.12 or \n earlier\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX Apache \n Running Tomcat Servlet Engine. These vulnerabilities could be exploited \n remotely to disclose information, allows unauthorized modification, or \n create a Denial of Service (DoS). The Tomcat-based Servlet Engine is \n contained in the HP-UX Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02515878\");\n script_id(835243);\n script_version(\"$Revision: 6582 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:11:56 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-04 15:48:51 +0100 (Tue, 04 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02579\");\n script_cve_id(\"CVE-2010-2227\", \"CVE-2010-1157\", \"CVE-2009-0783\", \"CVE-2009-0781\", \"CVE-2009-0580\", \"CVE-2009-0033\", \"CVE-2008-5515\");\n script_name(\"HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579\");\n\n script_summary(\"Check for the Version of Apache Running Tomcat Servlet Engine\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.30.01\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.5.5.30.01\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 2207-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2207-1 (tomcat5.5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783", "CVE-2009-2902"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069417", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2207_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2207-1 (tomcat5.5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69417\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_name(\"Debian Security Advisory DSA 2207-1 (tomcat5.5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202207-1\");\n script_tag(name:\"insight\", value:\"Various vulnerabilities have been discovered in the Tomcat Servlet and\nJSP engine, resulting in denial of service, cross-site scripting,\ninformation disclosure and WAR file traversal.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.5.26-5lenny2.\n\nThe stable distribution (squeeze) no longer contains tomcat5.5. tomcat6\nis already fixed.\n\nThe unstable distribution (sid) no longer contains tomcat5.5. tomcat6\nis already fixed.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your tomcat5.5 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 2207-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libtomcat5.5-java\", ver:\"5.5.26-5lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat5.5\", ver:\"5.5.26-5lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat5.5-admin\", ver:\"5.5.26-5lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat5.5-webapps\", ver:\"5.5.26-5lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:37", "description": "The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 2207-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2207-1 (tomcat5.5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783", "CVE-2009-2902"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69417", "href": "http://plugins.openvas.org/nasl.php?oid=69417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2207_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2207-1 (tomcat5.5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Various vulnerabilities have been discovered in the Tomcat Servlet and\nJSP engine, resulting in denial of service, cross-site scripting,\ninformation disclosure and WAR file traversal. Further details on the\nindividual security issues can be found at\nhttp://tomcat.apache.org/security-5.html.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.5.26-5lenny2.\n\nThe stable distribution (squeeze) no longer contains tomcat5.5. tomcat6\nis already fixed.\n\nThe unstable distribution (sid) no longer contains tomcat5.5. tomcat6\nis already fixed.\n\nWe recommend that you upgrade your tomcat5.5 packages.\";\ntag_summary = \"The remote host is missing an update to tomcat5.5\nannounced via advisory DSA 2207-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202207-1\";\n\n\nif(description)\n{\n script_id(69417);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_name(\"Debian Security Advisory DSA 2207-1 (tomcat5.5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libtomcat5.5-java\", ver:\"5.5.26-5lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5\", ver:\"5.5.26-5lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5-admin\", ver:\"5.5.26-5lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat5.5-webapps\", ver:\"5.5.26-5lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:41", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2010-09-14T00:00:00", "type": "openvas", "title": "Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-2693", "CVE-2009-0580", "CVE-2008-5515", "CVE-2010-1157", "CVE-2009-2901", "CVE-2010-2227", "CVE-2009-0783", "CVE-2007-3385", "CVE-2009-2902"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310831148", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831148", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in tomcat5:\n\n Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0\n through 4.1.36 does not properly handle (1) double quote (&quot;) characters\n or (2) \\%5C (encoded backslash) sequences in a cookie value, which\n might cause sensitive information such as session IDs to be leaked\n to remote attackers and enable session hijacking attacks. NOTE:\n this issue exists because of an incomplete fix for CVE-2007-3385\n (CVE-2007-5333).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n 6.0.18, and possibly earlier versions normalizes the target pathname\n before filtering the query string when using the RequestDispatcher\n method, which allows remote attackers to bypass intended access\n restrictions and conduct directory traversal attacks via .. (dot dot)\n sequences and the WEB-INF directory in a Request (CVE-2008-5515).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18, when the Java AJP connector and mod_jk load balancing\n are used, allows remote attackers to cause a denial of service\n (application outage) via a crafted request with invalid headers,\n related to temporary blocking of connectors that have encountered\n errors, as demonstrated by an error involving a malformed HTTP Host\n header (CVE-2009-0033).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n 6.0.0 through 6.0.18, when FORM authentication is used, allows\n remote attackers to enumerate valid usernames via requests to\n /j_security_check with malformed URL encoding of passwords, related to\n improper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\n and (3) JDBCRealm authentication realms, as demonstrated by a \\%\n (percent) value for the j_password parameter (CVE-2009-0580).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18 permits web applications to replace an XML parser used\n for other web applications, which allows local users to read or modify\n the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\n applications via a crafted application that is loaded earlier than\n the target application (CVE-2009-0783).\n \n Directory traversal vulnerability in Apache Tomcat 5.5.0 through\n 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or\n overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file,\n as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).\n \n The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 a ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00010.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831148\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-14 15:35:55 +0200 (Tue, 14 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:176\");\n script_cve_id(\"CVE-2007-3385\", \"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_name(\"Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:51", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2010-09-14T00:00:00", "type": "openvas", "title": "Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-2693", "CVE-2009-0580", "CVE-2008-5515", "CVE-2010-1157", "CVE-2009-2901", "CVE-2010-2227", "CVE-2009-0783", "CVE-2007-3385", "CVE-2009-2902"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:831148", "href": "http://plugins.openvas.org/nasl.php?oid=831148", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in tomcat5:\n\n Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0\n through 4.1.36 does not properly handle (1) double quote (&quot;) characters\n or (2) \\%5C (encoded backslash) sequences in a cookie value, which\n might cause sensitive information such as session IDs to be leaked\n to remote attackers and enable session hijacking attacks. NOTE:\n this issue exists because of an incomplete fix for CVE-2007-3385\n (CVE-2007-5333).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through\n 6.0.18, and possibly earlier versions normalizes the target pathname\n before filtering the query string when using the RequestDispatcher\n method, which allows remote attackers to bypass intended access\n restrictions and conduct directory traversal attacks via .. (dot dot)\n sequences and the WEB-INF directory in a Request (CVE-2008-5515).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18, when the Java AJP connector and mod_jk load balancing\n are used, allows remote attackers to cause a denial of service\n (application outage) via a crafted request with invalid headers,\n related to temporary blocking of connectors that have encountered\n errors, as demonstrated by an error involving a malformed HTTP Host\n header (CVE-2009-0033).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n 6.0.0 through 6.0.18, when FORM authentication is used, allows\n remote attackers to enumerate valid usernames via requests to\n /j_security_check with malformed URL encoding of passwords, related to\n improper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\n and (3) JDBCRealm authentication realms, as demonstrated by a \\%\n (percent) value for the j_password parameter (CVE-2009-0580).\n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18 permits web applications to replace an XML parser used\n for other web applications, which allows local users to read or modify\n the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\n applications via a crafted application that is loaded earlier than\n the target application (CVE-2009-0783).\n \n Directory traversal vulnerability in Apache Tomcat 5.5.0 through\n 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or\n overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file,\n as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).\n \n The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 a ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00010.php\");\n script_id(831148);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-14 15:35:55 +0200 (Tue, 14 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:176\");\n script_cve_id(\"CVE-2007-3385\", \"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_name(\"Mandriva Update for tomcat5 MDVSA-2010:176 (tomcat5)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-15T11:57:50", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat6 FEDORA-2010-16248", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2010-2227"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:862500", "href": "http://plugins.openvas.org/nasl.php?oid=862500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat6 FEDORA-2010-16248\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License version 2.0. Tomcat is intended\n to be a collaboration of the best-of-breed developers from around the world.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat6 on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html\");\n script_id(862500);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-16248\");\n script_cve_id(\"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2010-2227\");\n script_name(\"Fedora Update for tomcat6 FEDORA-2010-16248\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.26~3.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:54:26", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat6 FEDORA-2010-16248", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2009-0580", "CVE-2010-2227"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:1361412562310862500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat6 FEDORA-2010-16248\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License version 2.0. Tomcat is intended\n to be a collaboration of the best-of-breed developers from around the world.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat6 on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862500\");\n script_version(\"$Revision: 8269 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-16248\");\n script_cve_id(\"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2010-2227\");\n script_name(\"Fedora Update for tomcat6 FEDORA-2010-16248\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.26~3.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:28:48", "description": "The remote host is missing an update to gst-plugins-good0.10\nannounced via advisory USN-789-1.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Ubuntu USN-789-1 (gst-plugins-good0.10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1202", "CVE-2009-1932", "CVE-2009-0033", "CVE-2009-2045", "CVE-2009-2046", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-1163", "CVE-2009-1760", "CVE-2009-0688", "CVE-2009-0783", "CVE-2009-1203", "CVE-2009-1201", "CVE-2009-1440"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64318", "href": "http://plugins.openvas.org/nasl.php?oid=64318", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_789_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_789_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-789-1 (gst-plugins-good0.10)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n gstreamer0.10-plugins-good 0.10.3-0ubuntu4.2\n\nUbuntu 8.04 LTS:\n gstreamer0.10-plugins-good 0.10.7-3ubuntu0.3\n\nUbuntu 8.10:\n gstreamer0.10-plugins-good 0.10.10.4-1ubuntu1.2\n\nUbuntu 9.04:\n gstreamer0.10-plugins-good 0.10.14-1ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-789-1\";\n\ntag_insight = \"Tielei Wang discovered that GStreamer Good Plugins did not correctly handle\nmalformed PNG image files. If a user were tricked into opening a crafted\nPNG image file with a GStreamer application, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary code\nwith the privileges of the user invoking the program.\";\ntag_summary = \"The remote host is missing an update to gst-plugins-good0.10\nannounced via advisory USN-789-1.\";\n\n \n\n\nif(description)\n{\n script_id(64318);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1932\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-1440\", \"CVE-2009-1201\", \"CVE-2009-1202\", \"CVE-2009-1203\", \"CVE-2009-1760\", \"CVE-2009-1163\", \"CVE-2009-2045\", \"CVE-2009-2046\", \"CVE-2009-0688\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu USN-789-1 (gst-plugins-good0.10)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-789-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-doc\", ver:\"0.10.3-0ubuntu4.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-esd\", ver:\"0.10.3-0ubuntu4.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-dbg\", ver:\"0.10.3-0ubuntu4.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good\", ver:\"0.10.3-0ubuntu4.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-doc\", ver:\"0.10.7-3ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-esd\", ver:\"0.10.7-3ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-dbg\", ver:\"0.10.7-3ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good\", ver:\"0.10.7-3ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-doc\", ver:\"0.10.10.4-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-esd\", ver:\"0.10.10.4-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-dbg\", ver:\"0.10.10.4-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good\", ver:\"0.10.10.4-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-pulseaudio\", ver:\"0.10.10.4-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-doc\", ver:\"0.10.14-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-esd\", ver:\"0.10.14-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good-dbg\", ver:\"0.10.14-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-good\", ver:\"0.10.14-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-pulseaudio\", ver:\"0.10.14-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"amule-common\", ver:\"2.2.1-1+lenny2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"amule-utils\", ver:\"2.2.1-1+lenny2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"amule-utils-gui\", ver:\"2.2.1-1+lenny2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"amule-daemon\", ver:\"2.2.1-1+lenny2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"amule\", ver:\"2.2.1-1+lenny2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mahara\", ver:\"1.0.4-4+lenny3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mahara-apache2\", ver:\"1.0.4-4+lenny3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-heimdal\", ver:\"2.1.19.dfsg1-0.1ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-doc\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-dbg\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-2\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-mit\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-ldap\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-otp\", ver:\"2.1.22.dfsg1-18ubuntu2.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-doc\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-dbg\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-2\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-mit\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-ldap\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-otp\", ver:\"2.1.22.dfsg1-21ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-doc\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-dbg\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-2\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-mit\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-ldap\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-otp\", ver:\"2.1.22.dfsg1-23ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:35", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:018.", "cvss3": {}, "published": "2009-01-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:018 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063205", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063205", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_018.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:018 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat does not properly handle certain characters in a cookie\nvalue, which could possibly lead to the leak of sensitive information\nsuch as session IDs (CVE-2007-5333).\n\nThe updated packages have been patched to prevent this issue.\n\nAffected: 2008.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:018\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:018.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63205\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2007-5333\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:018 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:56:52", "description": "The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:018.", "cvss3": {}, "published": "2009-01-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:018 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:63205", "href": "http://plugins.openvas.org/nasl.php?oid=63205", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_018.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:018 (tomcat5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat does not properly handle certain characters in a cookie\nvalue, which could possibly lead to the leak of sensitive information\nsuch as session IDs (CVE-2007-5333).\n\nThe updated packages have been patched to prevent this issue.\n\nAffected: 2008.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:018\";\ntag_summary = \"The remote host is missing an update to tomcat5\nannounced via advisory MDVSA-2009:018.\";\n\n \n\nif(description)\n{\n script_id(63205);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2007-5333\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:018 (tomcat5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-05-12T17:33:27", "description": "This host is running Apache Tomcat and is prone to Cross Site Scripting\n vulnerability.", "cvss3": {}, "published": "2009-03-18T00:00:00", "type": "openvas", "title": "Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0781"], "modified": "2020-05-08T00:00:00", "id": "OPENVAS:1361412562310800372", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800372", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800372\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-03-18 14:25:01 +0100 (Wed, 18 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2009-0781\");\n script_name(\"Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_mandatory_keys(\"apache/tomcat/http/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.packetstormsecurity.org/0903-exploits/CVE-2009-0781.txt\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/501538/100/0/threaded\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-5.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-4.html\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to inject arbitrary HTML\n codes in the context of the affected web application.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat version 4.1.0 to 4.1.39, 5.0.0 to 5.0.28, 5.5.0 to 5.5.27 and 6.0.0 to 6.0.18\");\n\n script_tag(name:\"insight\", value:\"The issue is due to input validation error in time parameter in\n 'jsp/cal/cal2.jsp' file in calendar application.\");\n\n script_tag(name:\"solution\", value:\"Update your Apache Tomcat to a non-affected version.\");\n\n script_tag(name:\"summary\", value:\"This host is running Apache Tomcat and is prone to Cross Site Scripting\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_app\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nif( ! port = get_app_port( cpe:CPE, service:\"www\" ) )\n exit( 0 );\n\nif( ! dir = get_app_location( cpe:CPE, port:port ) )\n exit( 0 );\n\n# XSS attack string test in 'time' parameter inside cal2.jsp page\nurl = string( \"/jsp-examples/cal/cal2.jsp?time=%74%65%73%74%3C%73%63%72%69\"+\n \"%70%74%3E%61%6C%65%72%74%28%22%61%74%74%61%63%6B%22%29%3B%3C\" +\n \"%2F%73%63%72%69%70%74%3E\" );\n\nreq = http_get( item:url, port:port );\nres = http_keepalive_send_recv( port:port, data:req, bodyonly:FALSE );\n\nif( ! res || res !~ \"^HTTP/1\\.[01] 200\" )\n exit( 0 );\n\nif( \"test\" >< res && \"attack\" >< res ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-24.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-24 (apache tomcat)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4312", "CVE-2009-0033", "CVE-2011-1088", "CVE-2010-4172", "CVE-2011-1183", "CVE-2012-0022", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2011-2204", "CVE-2011-1419", "CVE-2011-2526", "CVE-2011-2729", "CVE-2011-1582", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-4858", "CVE-2011-0534", "CVE-2011-5063", "CVE-2009-2901", "CVE-2011-5062", "CVE-2011-1184", "CVE-2010-2227", "CVE-2009-0783", "CVE-2010-3718", "CVE-2011-3375", "CVE-2011-5064", "CVE-2011-1475", "CVE-2009-2902", "CVE-2011-3190", "CVE-2011-2481"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071550", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071550", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_24.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71550\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\", \"CVE-2010-4172\", \"CVE-2010-4312\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-1088\", \"CVE-2011-1183\", \"CVE-2011-1184\", \"CVE-2011-1419\", \"CVE-2011-1475\", \"CVE-2011-1582\", \"CVE-2011-2204\", \"CVE-2011-2481\", \"CVE-2011-2526\", \"CVE-2011-2729\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-24 (apache tomcat)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in Apache Tomcat, the worst of\nwhich allowing to read, modify and overwrite arbitrary files.\");\n script_tag(name:\"solution\", value:\"All Apache Tomcat 6.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.35'\n\n\nAll Apache Tomcat 7.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-7.0.23'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-24\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=272566\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=273662\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=303719\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=320963\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=329937\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373987\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=374619\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=382043\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386213\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=396401\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=399227\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-24.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"rge 6.0.35\", \"ge 7.0.23\"), vulnerable: make_list(\"rlt 5.5.34\", \"rlt 6.0.35\", \"lt 7.0.23\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:53", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-24.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-24 (apache tomcat)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4312", "CVE-2009-0033", "CVE-2011-1088", "CVE-2010-4172", "CVE-2011-1183", "CVE-2012-0022", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2011-2204", "CVE-2011-1419", "CVE-2011-2526", "CVE-2011-2729", "CVE-2011-1582", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-4858", "CVE-2011-0534", "CVE-2011-5063", "CVE-2009-2901", "CVE-2011-5062", "CVE-2011-1184", "CVE-2010-2227", "CVE-2009-0783", "CVE-2010-3718", "CVE-2011-3375", "CVE-2011-5064", "CVE-2011-1475", "CVE-2009-2902", "CVE-2011-3190", "CVE-2011-2481"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71550", "href": "http://plugins.openvas.org/nasl.php?oid=71550", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in Apache Tomcat, the worst of\nwhich allowing to read, modify and overwrite arbitrary files.\";\ntag_solution = \"All Apache Tomcat 6.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.35'\n \n\nAll Apache Tomcat 7.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-7.0.23'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-24\nhttp://bugs.gentoo.org/show_bug.cgi?id=272566\nhttp://bugs.gentoo.org/show_bug.cgi?id=273662\nhttp://bugs.gentoo.org/show_bug.cgi?id=303719\nhttp://bugs.gentoo.org/show_bug.cgi?id=320963\nhttp://bugs.gentoo.org/show_bug.cgi?id=329937\nhttp://bugs.gentoo.org/show_bug.cgi?id=373987\nhttp://bugs.gentoo.org/show_bug.cgi?id=374619\nhttp://bugs.gentoo.org/show_bug.cgi?id=382043\nhttp://bugs.gentoo.org/show_bug.cgi?id=386213\nhttp://bugs.gentoo.org/show_bug.cgi?id=396401\nhttp://bugs.gentoo.org/show_bug.cgi?id=399227\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-24.\";\n\n \n \nif(description)\n{\n script_id(71550);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\", \"CVE-2010-4172\", \"CVE-2010-4312\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-1088\", \"CVE-2011-1183\", \"CVE-2011-1184\", \"CVE-2011-1419\", \"CVE-2011-1475\", \"CVE-2011-1582\", \"CVE-2011-2204\", \"CVE-2011-2481\", \"CVE-2011-2526\", \"CVE-2011-2729\", \"CVE-2011-3190\", \"CVE-2011-3375\", \"CVE-2011-4858\", \"CVE-2011-5062\", \"CVE-2011-5063\", \"CVE-2011-5064\", \"CVE-2012-0022\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-24 (apache tomcat)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"rge 6.0.35\", \"ge 7.0.23\"), vulnerable: make_list(\"rlt 5.5.34\", \"rlt 6.0.35\", \"lt 7.0.23\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:08", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5518", "CVE-2009-0039", "CVE-2009-0038", "CVE-2009-0781"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065685", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065685", "sourceData": "#\n#VID 1e030cf1aa564a63a9739f4894501a93\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=507806\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65685\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2008-5518\", \"CVE-2009-0038\", \"CVE-2009-0039\", \"CVE-2009-0781\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_name(\"SLES11: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.1.2~2.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:33", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5518", "CVE-2009-0039", "CVE-2009-0038", "CVE-2009-0781"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065766", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065766", "sourceData": "#\n#VID slesp2-websphere-as_ce-6312\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65766\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5518\", \"CVE-2009-0038\", \"CVE-2009-0039\", \"CVE-2009-0781\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_name(\"SLES10: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.1.2~0.3\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:30", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5518", "CVE-2009-0039", "CVE-2009-0038", "CVE-2009-0781"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65685", "href": "http://plugins.openvas.org/nasl.php?oid=65685", "sourceData": "#\n#VID 1e030cf1aa564a63a9739f4894501a93\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=507806\");\n script_id(65685);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2008-5518\", \"CVE-2009-0038\", \"CVE-2009-0039\", \"CVE-2009-0781\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_name(\"SLES11: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.1.2~2.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:58", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5518", "CVE-2009-0039", "CVE-2009-0038", "CVE-2009-0781"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65766", "href": "http://plugins.openvas.org/nasl.php?oid=65766", "sourceData": "#\n#VID slesp2-websphere-as_ce-6312\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65766);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5518\", \"CVE-2009-0038\", \"CVE-2009-0039\", \"CVE-2009-0781\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_name(\"SLES10: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.1.2~0.3\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:42", "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-10.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200804-10 (tomcat)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-0002"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60810", "href": "http://plugins.openvas.org/nasl.php?oid=60810", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Tomcat may lead to local file overwriting,\nsession hijacking or information disclosure.\";\ntag_solution = \"All Tomcat 5.5.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-5.5.26'\n\nAll Tomcat 6.0.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.16'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-10\nhttp://bugs.gentoo.org/show_bug.cgi?id=196066\nhttp://bugs.gentoo.org/show_bug.cgi?id=203169\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-10.\";\n\n \n\nif(description)\n{\n script_id(60810);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2008-0002\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200804-10 (tomcat)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-servers/tomcat\", unaffected: make_list(\"rge 5.5.26\", \"ge 6.0.16\"), vulnerable: make_list(\"lt 6.0.16\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-02T10:54:35", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat5 RHSA-2010:0580-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2693", "CVE-2009-0781", "CVE-2010-2227", "CVE-2009-2696", "CVE-2009-2902"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:1361412562310870302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat5 RHSA-2010:0580-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A flaw was found in the way Tomcat handled the Transfer-Encoding header in\n HTTP requests. A specially-crafted HTTP request could prevent Tomcat from\n sending replies, or cause Tomcat to return truncated replies, or replies\n containing data related to the requests of other users, for all subsequent\n HTTP requests. (CVE-2010-2227)\n\n The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\n stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\n in the examples calendar application. With some web browsers, remote\n attackers could use this flaw to inject arbitrary web script or HTML via\n the &quot;time&quot; parameter. (CVE-2009-2696)\n\n Two directory traversal flaws were found in the Tomcat deployment process.\n A specially-crafted WAR file could, when deployed, cause a file to be\n created outside of the web root into any directory writable by the Tomcat\n user, or could lead to the deletion of files in the Tomcat host's work\n directory. (CVE-2009-2693, CVE-2009-2902)\n\n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\";\n\ntag_affected = \"tomcat5 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870302\");\n script_version(\"$Revision: 8207 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 08:30:12 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0580-01\");\n script_cve_id(\"CVE-2009-2693\", \"CVE-2009-2696\", \"CVE-2009-2902\", \"CVE-2010-2227\", \"CVE-2009-0781\");\n script_name(\"RedHat Update for tomcat5 RHSA-2010:0580-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2010:0580 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2693", "CVE-2009-0781", "CVE-2010-2227", "CVE-2009-2696", "CVE-2009-2902"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880632", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat5 CESA-2010:0580 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-August/016859.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880632\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0580\");\n script_cve_id(\"CVE-2009-2693\", \"CVE-2009-2696\", \"CVE-2009-2902\", \"CVE-2010-2227\", \"CVE-2009-0781\");\n script_name(\"CentOS Update for tomcat5 CESA-2010:0580 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"tomcat5 on CentOS 5\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A flaw was found in the way Tomcat handled the Transfer-Encoding header in\n HTTP requests. A specially-crafted HTTP request could prevent Tomcat from\n sending replies, or cause Tomcat to return truncated replies, or replies\n containing data related to the requests of other users, for all subsequent\n HTTP requests. (CVE-2010-2227)\n\n The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\n stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\n in the examples calendar application. With some web browsers, remote\n attackers could use this flaw to inject arbitrary web script or HTML via\n the 'time' parameter. (CVE-2009-2696)\n\n Two directory traversal flaws were found in the Tomcat deployment process.\n A specially-crafted WAR file could, when deployed, cause a file to be\n created outside of the web root into any directory writable by the Tomcat\n user, or could lead to the deletion of files in the Tomcat host's work\n directory. (CVE-2009-2693, CVE-2009-2902)\n\n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:30", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat5 CESA-2010:0580 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2693", "CVE-2009-0781", "CVE-2010-2227", "CVE-2009-2696", "CVE-2009-2902"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880632", "href": "http://plugins.openvas.org/nasl.php?oid=880632", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat5 CESA-2010:0580 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A flaw was found in the way Tomcat handled the Transfer-Encoding header in\n HTTP requests. A specially-crafted HTTP request could prevent Tomcat from\n sending replies, or cause Tomcat to return truncated replies, or replies\n containing data related to the requests of other users, for all subsequent\n HTTP requests. (CVE-2010-2227)\n \n The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\n stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\n in the examples calendar application. With some web browsers, remote\n attackers could use this flaw to inject arbitrary web script or HTML via\n the &quot;time&quot; parameter. (CVE-2009-2696)\n \n Two directory traversal flaws were found in the Tomcat deployment process.\n A specially-crafted WAR file could, when deployed, cause a file to be\n created outside of the web root into any directory writable by the Tomcat\n user, or could lead to the deletion of files in the Tomcat host's work\n directory. (CVE-2009-2693, CVE-2009-2902)\n \n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"tomcat5 on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016859.html\");\n script_id(880632);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0580\");\n script_cve_id(\"CVE-2009-2693\", \"CVE-2009-2696\", \"CVE-2009-2902\", \"CVE-2010-2227\", \"CVE-2009-0781\");\n script_name(\"CentOS Update for tomcat5 CESA-2010:0580 centos5 i386\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.9.el5_5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:47", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat5 RHSA-2010:0580-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2693", "CVE-2009-0781", "CVE-2010-2227", "CVE-2009-2696", "CVE-2009-2902"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:870302", "href": "http://plugins.openvas.org/nasl.php?oid=870302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat5 RHSA-2010:0580-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A flaw was found in the way Tomcat handled the Transfer-Encoding header in\n HTTP requests. A specially-crafted HTTP request could prevent Tomcat from\n sending replies, or cause Tomcat to return truncated replies, or replies\n containing data related to the requests of other users, for all subsequent\n HTTP requests. (CVE-2010-2227)\n\n The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\n stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\n in the examples calendar application. With some web browsers, remote\n attackers could use this flaw to inject arbitrary web script or HTML via\n the &quot;time&quot; parameter. (CVE-2009-2696)\n\n Two directory traversal flaws were found in the Tomcat deployment process.\n A specially-crafted WAR file could, when deployed, cause a file to be\n created outside of the web root into any directory writable by the Tomcat\n user, or could lead to the deletion of files in the Tomcat host's work\n directory. (CVE-2009-2693, CVE-2009-2902)\n\n Users of Tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Tomcat must be restarted for\n this update to take effect.\";\n\ntag_affected = \"tomcat5 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00000.html\");\n script_id(870302);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0580-01\");\n script_cve_id(\"CVE-2009-2693\", \"CVE-2009-2696\", \"CVE-2009-2902\", \"CVE-2010-2227\", \"CVE-2009-0781\");\n script_name(\"RedHat Update for tomcat5 RHSA-2010:0580-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.9.el5_5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:40", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:012. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-07-06T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1341", "CVE-2009-1181", "CVE-2009-1386", "CVE-2009-0509", "CVE-2009-0791", "CVE-2009-1180", "CVE-2009-1271", "CVE-2009-1648", "CVE-2009-0033", "CVE-2009-1859", "CVE-2009-1958", "CVE-2009-1855", "CVE-2009-1572", "CVE-2009-1194", "CVE-2009-0580", "CVE-2009-1387", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0799", "CVE-2009-1957", "CVE-2009-1858", "CVE-2009-0511", "CVE-2009-1632", "CVE-2009-1182", "CVE-2009-0755", "CVE-2008-6123", "CVE-2009-0165", "CVE-2009-1272", "CVE-2009-1438", "CVE-2009-0166", "CVE-2009-0512", "CVE-2009-0147", "CVE-2009-0749", "CVE-2009-0510", "CVE-2009-0783", "CVE-2009-1574", "CVE-2009-0663", "CVE-2009-1183", "CVE-2009-1856", "CVE-2009-0800", "CVE-2009-1391", "CVE-2009-1882", "CVE-2009-1857", "CVE-2009-0756", "CVE-2009-0146", "CVE-2009-1861", "CVE-2009-1959", "CVE-2009-0198", "CVE-2009-0949", "CVE-2009-1179"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:64360", "href": "http://plugins.openvas.org/nasl.php?oid=64360", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_012.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:012\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:012. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(64360);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2008-6123\", \"CVE-2009-0033\", \"CVE-2009-0146\", \"CVE-2009-0147\", \"CVE-2009-0165\", \"CVE-2009-0166\", \"CVE-2009-0198\", \"CVE-2009-0509\", \"CVE-2009-0510\", \"CVE-2009-0511\", \"CVE-2009-0512\", \"CVE-2009-0580\", \"CVE-2009-0663\", \"CVE-2009-0749\", \"CVE-2009-0755\", \"CVE-2009-0756\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-0791\", \"CVE-2009-0799\", \"CVE-2009-0800\", \"CVE-2009-0949\", \"CVE-2009-1179\", \"CVE-2009-1180\", \"CVE-2009-1181\", \"CVE-2009-1182\", \"CVE-2009-1183\", \"CVE-2009-1194\", \"CVE-2009-1271\", \"CVE-2009-1272\", \"CVE-2009-1341\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-1391\", \"CVE-2009-1438\", \"CVE-2009-1572\", \"CVE-2009-1574\", \"CVE-2009-1632\", \"CVE-2009-1648\", \"CVE-2009-1855\", \"CVE-2009-1856\", \"CVE-2009-1857\", \"CVE-2009-1858\", \"CVE-2009-1859\", \"CVE-2009-1861\", \"CVE-2009-1882\", \"CVE-2009-1957\", \"CVE-2009-1958\", \"CVE-2009-1959\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:012\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fontconfig\", rpm:\"fontconfig~2.6.0~8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fontconfig-devel\", rpm:\"fontconfig-devel~2.6.0~8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center\", rpm:\"gnome-control-center~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center-devel\", rpm:\"gnome-control-center-devel~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center-lang\", rpm:\"gnome-control-center-lang~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop\", rpm:\"gnome-desktop~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-devel\", rpm:\"gnome-desktop-devel~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-doc\", rpm:\"gnome-desktop-doc~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-lang\", rpm:\"gnome-desktop-lang~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon\", rpm:\"gnome-settings-daemon~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon-devel\", rpm:\"gnome-settings-daemon-devel~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon-lang\", rpm:\"gnome-settings-daemon-lang~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad\", rpm:\"gstreamer-0_10-plugins-bad~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-devel\", rpm:\"gstreamer-0_10-plugins-bad-devel~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-doc\", rpm:\"gstreamer-0_10-plugins-bad-doc~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-lang\", rpm:\"gstreamer-0_10-plugins-bad-lang~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ifolder3\", rpm:\"ifolder3~3.7.2.9141.1~3.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.7.1~10.49.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.12~30.70.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.12~30.70.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++2\", rpm:\"libGraphicsMagick++2~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick2\", rpm:\"libGraphicsMagick2~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand1\", rpm:\"libGraphicsMagickWand1~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++1\", rpm:\"libMagick++1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickCore1\", rpm:\"libMagickCore1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickWand1\", rpm:\"libMagickWand1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnome-desktop-2-7\", rpm:\"libgnome-desktop-2-7~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstapp-0_10-0\", rpm:\"libgstapp-0_10-0~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnotify1\", rpm:\"libnotify1~0.4.4~173.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnsssharedhelper0\", rpm:\"libnsssharedhelper0~1.0.4~1.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler4\", rpm:\"libpoppler4~0.10.1~1.6.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nautilus-ifolder3\", rpm:\"nautilus-ifolder3~3.7.2.9141.1~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ifolder-client-plugins\", rpm:\"novell-ifolder-client-plugins~3.7.2.9141.1~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.7.1~2.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.7.1~2.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nspluginwrapper\", rpm:\"nspluginwrapper~1.2.2~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"simias\", rpm:\"simias~1.8.2.9141.1~3.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"startup-notification\", rpm:\"startup-notification~0.9~59.61\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"startup-notification-devel\", rpm:\"startup-notification-devel~0.9~59.61\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wpa_supplicant\", rpm:\"wpa_supplicant~0.6.4~15.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wpa_supplicant-gui\", rpm:\"wpa_supplicant-gui~0.6.4~15.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad\", rpm:\"gstreamer-0_10-plugins-bad~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-devel\", rpm:\"gstreamer-0_10-plugins-bad-devel~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-doc\", rpm:\"gstreamer-0_10-plugins-bad-doc~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-lang\", rpm:\"gstreamer-0_10-plugins-bad-lang~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.7~61.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.12~49.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.12~49.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++1\", rpm:\"libGraphicsMagick++1~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick1\", rpm:\"libGraphicsMagick1~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand0\", rpm:\"libGraphicsMagickWand0~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++1\", rpm:\"libMagick++1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickCore1\", rpm:\"libMagickCore1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickWand1\", rpm:\"libMagickWand1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstapp-0_10-0\", rpm:\"libgstapp-0_10-0~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler3\", rpm:\"libpoppler3~0.8.2~1.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.49~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad\", rpm:\"gstreamer010-plugins-bad~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad-devel\", rpm:\"gstreamer010-plugins-bad-devel~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad-doc\", rpm:\"gstreamer010-plugins-bad-doc~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good\", rpm:\"gstreamer010-plugins-good~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-doc\", rpm:\"gstreamer010-plugins-good-doc~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-extra\", rpm:\"gstreamer010-plugins-good-extra~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.6.5~104.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.11~19.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.11~19.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++1\", rpm:\"libGraphicsMagick++1~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick1\", rpm:\"libGraphicsMagick1~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand0\", rpm:\"libGraphicsMagickWand0~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++10\", rpm:\"libMagick++10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick10\", rpm:\"libMagick10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libWand10\", rpm:\"libWand10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Compress-Raw-Zlib\", rpm:\"perl-Compress-Raw-Zlib~2.005~17.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-Pg\", rpm:\"perl-DBD-Pg~1.49~76.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-doc\", rpm:\"poppler-doc~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-glib\", rpm:\"poppler-glib~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-qt\", rpm:\"poppler-qt~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-qt4\", rpm:\"poppler-qt4~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-tools\", rpm:\"poppler-tools~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:37", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:012. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-07-06T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1341", "CVE-2009-1181", "CVE-2009-1386", "CVE-2009-0509", "CVE-2009-0791", "CVE-2009-1180", "CVE-2009-1271", "CVE-2009-1648", "CVE-2009-0033", "CVE-2009-1859", "CVE-2009-1958", "CVE-2009-1855", "CVE-2009-1572", "CVE-2009-1194", "CVE-2009-0580", "CVE-2009-1387", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0799", "CVE-2009-1957", "CVE-2009-1858", "CVE-2009-0511", "CVE-2009-1632", "CVE-2009-1182", "CVE-2009-0755", "CVE-2008-6123", "CVE-2009-0165", "CVE-2009-1272", "CVE-2009-1438", "CVE-2009-0166", "CVE-2009-0512", "CVE-2009-0147", "CVE-2009-0749", "CVE-2009-0510", "CVE-2009-0783", "CVE-2009-1574", "CVE-2009-0663", "CVE-2009-1183", "CVE-2009-1856", "CVE-2009-0800", "CVE-2009-1391", "CVE-2009-1882", "CVE-2009-1857", "CVE-2009-0756", "CVE-2009-0146", "CVE-2009-1861", "CVE-2009-1959", "CVE-2009-0198", "CVE-2009-0949", "CVE-2009-1179"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064360", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064360", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_012.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:012\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:012. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64360\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2008-5515\", \"CVE-2008-6123\", \"CVE-2009-0033\", \"CVE-2009-0146\", \"CVE-2009-0147\", \"CVE-2009-0165\", \"CVE-2009-0166\", \"CVE-2009-0198\", \"CVE-2009-0509\", \"CVE-2009-0510\", \"CVE-2009-0511\", \"CVE-2009-0512\", \"CVE-2009-0580\", \"CVE-2009-0663\", \"CVE-2009-0749\", \"CVE-2009-0755\", \"CVE-2009-0756\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-0791\", \"CVE-2009-0799\", \"CVE-2009-0800\", \"CVE-2009-0949\", \"CVE-2009-1179\", \"CVE-2009-1180\", \"CVE-2009-1181\", \"CVE-2009-1182\", \"CVE-2009-1183\", \"CVE-2009-1194\", \"CVE-2009-1271\", \"CVE-2009-1272\", \"CVE-2009-1341\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-1391\", \"CVE-2009-1438\", \"CVE-2009-1572\", \"CVE-2009-1574\", \"CVE-2009-1632\", \"CVE-2009-1648\", \"CVE-2009-1855\", \"CVE-2009-1856\", \"CVE-2009-1857\", \"CVE-2009-1858\", \"CVE-2009-1859\", \"CVE-2009-1861\", \"CVE-2009-1882\", \"CVE-2009-1957\", \"CVE-2009-1958\", \"CVE-2009-1959\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:012\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.11~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fontconfig\", rpm:\"fontconfig~2.6.0~8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fontconfig-devel\", rpm:\"fontconfig-devel~2.6.0~8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center\", rpm:\"gnome-control-center~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center-devel\", rpm:\"gnome-control-center-devel~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-control-center-lang\", rpm:\"gnome-control-center-lang~2.24.0.1~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop\", rpm:\"gnome-desktop~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-devel\", rpm:\"gnome-desktop-devel~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-doc\", rpm:\"gnome-desktop-doc~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-desktop-lang\", rpm:\"gnome-desktop-lang~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.27.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon\", rpm:\"gnome-settings-daemon~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon-devel\", rpm:\"gnome-settings-daemon-devel~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-settings-daemon-lang\", rpm:\"gnome-settings-daemon-lang~2.24.0~3.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad\", rpm:\"gstreamer-0_10-plugins-bad~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-devel\", rpm:\"gstreamer-0_10-plugins-bad-devel~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-doc\", rpm:\"gstreamer-0_10-plugins-bad-doc~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-lang\", rpm:\"gstreamer-0_10-plugins-bad-lang~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.10~3.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ifolder3\", rpm:\"ifolder3~3.7.2.9141.1~3.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.7.1~10.49.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.12~30.70.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.12~30.70.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++2\", rpm:\"libGraphicsMagick++2~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick2\", rpm:\"libGraphicsMagick2~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand1\", rpm:\"libGraphicsMagickWand1~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++1\", rpm:\"libMagick++1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickCore1\", rpm:\"libMagickCore1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickWand1\", rpm:\"libMagickWand1~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnome-desktop-2-7\", rpm:\"libgnome-desktop-2-7~2.24.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstapp-0_10-0\", rpm:\"libgstapp-0_10-0~0.10.8~6.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnotify1\", rpm:\"libnotify1~0.4.4~173.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnsssharedhelper0\", rpm:\"libnsssharedhelper0~1.0.4~1.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler4\", rpm:\"libpoppler4~0.10.1~1.6.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nautilus-ifolder3\", rpm:\"nautilus-ifolder3~3.7.2.9141.1~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ifolder-client-plugins\", rpm:\"novell-ifolder-client-plugins~3.7.2.9141.1~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.7.1~2.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.7.1~2.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nspluginwrapper\", rpm:\"nspluginwrapper~1.2.2~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.2.5~4.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.4.3.6~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.11~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"simias\", rpm:\"simias~1.8.2.9141.1~3.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"startup-notification\", rpm:\"startup-notification~0.9~59.61\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"startup-notification-devel\", rpm:\"startup-notification-devel~0.9~59.61\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wpa_supplicant\", rpm:\"wpa_supplicant~0.6.4~15.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wpa_supplicant-gui\", rpm:\"wpa_supplicant-gui~0.6.4~15.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad\", rpm:\"gstreamer-0_10-plugins-bad~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-devel\", rpm:\"gstreamer-0_10-plugins-bad-devel~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-doc\", rpm:\"gstreamer-0_10-plugins-bad-doc~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-lang\", rpm:\"gstreamer-0_10-plugins-bad-lang~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.7~38.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.7~61.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.12~49.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.12~49.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++1\", rpm:\"libGraphicsMagick++1~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick1\", rpm:\"libGraphicsMagick1~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand0\", rpm:\"libGraphicsMagickWand0~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++1\", rpm:\"libMagick++1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickCore1\", rpm:\"libMagickCore1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagickWand1\", rpm:\"libMagickWand1~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstapp-0_10-0\", rpm:\"libgstapp-0_10-0~0.10.6~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler3\", rpm:\"libpoppler3~0.8.2~1.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.11~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.1.11~29.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.4.0.4~20.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.49~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.6~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.2~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.2~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad\", rpm:\"gstreamer010-plugins-bad~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad-devel\", rpm:\"gstreamer010-plugins-bad-devel~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-bad-doc\", rpm:\"gstreamer010-plugins-bad-doc~0.10.5~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good\", rpm:\"gstreamer010-plugins-good~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-doc\", rpm:\"gstreamer010-plugins-good-doc~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-extra\", rpm:\"gstreamer010-plugins-good-extra~0.10.6~41.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ipsec-tools\", rpm:\"ipsec-tools~0.6.5~104.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi\", rpm:\"irssi~0.8.11~19.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"irssi-devel\", rpm:\"irssi-devel~0.8.11~19.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update19~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick++1\", rpm:\"libGraphicsMagick++1~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagick1\", rpm:\"libGraphicsMagick1~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libGraphicsMagickWand0\", rpm:\"libGraphicsMagickWand0~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick++10\", rpm:\"libMagick++10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libMagick10\", rpm:\"libMagick10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libWand10\", rpm:\"libWand10~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.13\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"osc\", rpm:\"osc~0.120~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Compress-Raw-Zlib\", rpm:\"perl-Compress-Raw-Zlib~2.005~17.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-Pg\", rpm:\"perl-DBD-Pg~1.49~76.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.1.8~20.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.3.5.10~2.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-doc\", rpm:\"poppler-doc~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-glib\", rpm:\"poppler-glib~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-qt\", rpm:\"poppler-qt~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-qt4\", rpm:\"poppler-qt4~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-tools\", rpm:\"poppler-tools~0.5.4~101.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.16~1.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:00", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat5 FEDORA-2008-1603", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2007-1355", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-3386", "CVE-2007-5461", "CVE-2007-6286", "CVE-2007-3385", "CVE-2007-1358", "CVE-2008-0002"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860345", "href": "http://plugins.openvas.org/nasl.php?oid=860345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat5 FEDORA-2008-1603\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License. Tomcat is intended to be\n a collaboration of the best-of-breed developers from around the world.\n We invite you to participate in this open development project. To\n learn more about getting involved, click here.\";\n\ntag_affected = \"tomcat5 on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html\");\n script_id(860345);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-1603\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5333\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2007-1355\", \"CVE-2007-3386\", \"CVE-2007-3385\", \"CVE-2007-3382\", \"CVE-2007-2450\", \"CVE-2007-2449\", \"CVE-2007-1358\", \"CVE-2008-0002\");\n script_name( \"Fedora Update for tomcat5 FEDORA-2008-1603\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.26~1jpp.2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:15", "description": "[5.5.23-0jpp.7.2]\n- Actually add the patch files this time\n Resolves: rhbz#427779\n Resolves: rhbz#504758\n Resolves: rhbz#503980\n Resolves: rhbz#504162\n[5.5.23-0jpp.7.2]\n- add patch for CVE-2007-5333\n Resolves: rhbz#427779\n- add patch for CVE-2008-5515\n Resolves: rhbz#504758\n- add patch for CVE-2009-0033\n- add patch for CVE-2009-0580\n Resolves: rhbz#503980\n- add patch for CVE-2009-0783\n Resolves: rhbz#504162", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "oraclelinux", "title": "tomcat security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0033", "CVE-2007-5333", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-0783"], "modified": "2009-07-21T00:00:00", "id": "ELSA-2009-1164", "href": "http://linux.oracle.com/errata/ELSA-2009-1164.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2021-10-19T20:37:20", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the \"time\" parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-11-09T00:00:00", "type": "redhat", "title": "(RHSA-2009:1562) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2019-03-22T19:44:20", "id": "RHSA-2009:1562", "href": "https://access.redhat.com/errata/RHSA-2009:1562", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:44:00", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the \"time\" parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-07-21T00:00:00", "type": "redhat", "title": "(RHSA-2009:1164) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2017-09-08T08:11:49", "id": "RHSA-2009:1164", "href": "https://access.redhat.com/errata/RHSA-2009:1164", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:38:53", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-11-09T00:00:00", "type": "redhat", "title": "(RHSA-2009:1563) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2019-03-22T19:44:24", "id": "RHSA-2009:1563", "href": "https://access.redhat.com/errata/RHSA-2009:1563", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:40:26", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a typical\noperating environment, Tomcat is not exposed to users of Satellite Server\nin a vulnerable manner: By default, only Satellite Server applications are\nrunning on Tomcat. This update will reduce risk in unique Satellite Server\nenvironments.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:1069 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.2 and 5.3 are advised to\nupgrade to these updated tomcat packages, which contain backported patches\nto resolve these issues. Tomcat must be restarted for this update to take\neffect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2009:1616) Low: tomcat security update for Red Hat Network Satellite Server", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2019-03-22T19:44:15", "id": "RHSA-2009:1616", "href": "https://access.redhat.com/errata/RHSA-2009:1616", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:42:27", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that Tomcat does not properly handle a certain character\nand character sequence in cookie values. A remote attacker could use this\nflaw to obtain sensitive information, such as session IDs, and then use\nthis information for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-09-21T00:00:00", "type": "redhat", "title": "(RHSA-2009:1454) Important: tomcat5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2016-04-04T14:31:38", "id": "RHSA-2009:1454", "href": "https://access.redhat.com/errata/RHSA-2009:1454", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:44:48", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-10-14T00:00:00", "type": "redhat", "title": "(RHSA-2009:1506) Important: tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2016-04-04T14:31:43", "id": "RHSA-2009:1506", "href": "https://access.redhat.com/errata/RHSA-2009:1506", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:42:54", "description": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section of this errata.\n\nThe following security issues are also fixed with this release:\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications deployed on JBossWeb when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser JBossWeb uses to parse configuration files. A\nmalicious web application running on a JBossWeb instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-07-06T00:00:00", "type": "redhat", "title": "(RHSA-2009:1145) Important: JBoss Enterprise Application Platform 4.3.0.CP05 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5515", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2016-04-04T14:31:10", "id": "RHSA-2009:1145", "href": "https://access.redhat.com/errata/RHSA-2009:1145", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:36:30", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a typical\noperating environment, Tomcat is not exposed to users of Satellite Server\nin a vulnerable manner: By default, only Satellite Server applications are\nrunning on Tomcat. This update will reduce risk in unique Satellite Server\nenvironments.\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to\nthis updated tomcat package, which contains backported patches to resolve\nthese issues. Tomcat must be restarted for this update to take effect.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2009-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2009:1617) Low: tomcat security update for Red Hat Network Satellite Server", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0783"], "modified": "2019-03-22T19:44:27", "id": "RHSA-2009:1617", "href": "https://access.redhat.com/errata/RHSA-2009:1617", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:42:09", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThe Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\nstated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\nin the examples calendar application. With some web browsers, remote\nattackers could use this flaw to inject arbitrary web script or HTML via\nthe \"time\" parameter. (CVE-2009-2696)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\n", "cvss3": {}, "published": "2010-08-02T00:00:00", "type": "redhat", "title": "(RHSA-2010:0580) Important: tomcat5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0781", "CVE-2009-2693", "CVE-2009-2696", "CVE-2009-2902", "CVE-2010-2227"], "modified": "2017-09-08T07:58:31", "id": "RHSA-2010:0580", "href": "https://access.redhat.com/errata/RHSA-2010:0580", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "centos": [{"lastseen": "2023-06-02T15:08:33", "description": "**CentOS Errata and Security Advisory** CESA-2009:1164\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the \"time\" parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-July/065523.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-July/065524.html\n\n**Affected packages:**\ntomcat5\ntomcat5-admin-webapps\ntomcat5-common-lib\ntomcat5-jasper\ntomcat5-jasper-javadoc\ntomcat5-jsp-2.0-api\ntomcat5-jsp-2.0-api-javadoc\ntomcat5-server-lib\ntomcat5-servlet-2.4-api\ntomcat5-servlet-2.4-api-javadoc\ntomcat5-webapps\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:1164", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.4}, "published": "2009-07-29T17:30:22", "type": "centos", "title": "tomcat5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2009-07-29T17:30:25", "id": "CESA-2009:1164", "href": "https://lists.centos.org/pipermail/centos-announce/2009-July/065523.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-31T16:15:43", "description": "**CentOS Errata and Security Advisory** CESA-2010:0580\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThe Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\nstated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\nin the examples calendar application. With some web browsers, remote\nattackers could use this flaw to inject arbitrary web script or HTML via\nthe \"time\" parameter. (CVE-2009-2696)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/066333.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/066334.html\n\n**Affected packages:**\ntomcat5\ntomcat5-admin-webapps\ntomcat5-common-lib\ntomcat5-jasper\ntomcat5-jasper-javadoc\ntomcat5-jsp-2.0-api\ntomcat5-jsp-2.0-api-javadoc\ntomcat5-server-lib\ntomcat5-servlet-2.4-api\ntomcat5-servlet-2.4-api-javadoc\ntomcat5-webapps\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:0580", "cvss3": {}, "published": "2010-08-03T00:39:04", "type": "centos", "title": "tomcat5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0781", "CVE-2009-2693", "CVE-2009-2696", "CVE-2009-2902", "CVE-2010-2227"], "modified": "2010-08-03T00:39:04", "id": "CESA-2010:0580", "href": "https://lists.centos.org/pipermail/centos-announce/2010-August/066333.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "nessus": [{"lastseen": "2023-05-17T15:44:10", "description": "Updated tomcat packages that fix several security issues are now available for Red Hat Network Satellite Server 5.2 and 5.3.\n\nThis update has been rated as having low security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat component shipped as part of Red Hat Network Satellite Server. In a typical operating environment, Tomcat is not exposed to users of Satellite Server in a vulnerable manner: By default, only Satellite Server applications are running on Tomcat. This update will reduce risk in unique Satellite Server environments.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:1069 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: With this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the '/etc/tomcat5/catalina.properties' file :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.2 and 5.3 are advised to upgrade to these updated tomcat packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 4 : tomcat in Satellite Server (RHSA-2009:1616)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1616.NASL", "href": "https://www.tenable.com/plugins/nessus/43844", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1616. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43844);\n script_version(\"1.32\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(27706, 35193, 35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1616\");\n\n script_name(english:\"RHEL 4 : tomcat in Satellite Server (RHSA-2009:1616)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.2 and 5.3.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a\ntypical operating environment, Tomcat is not exposed to users of\nSatellite Server in a vulnerable manner: By default, only Satellite\nServer applications are running on Tomcat. This update will reduce\nrisk in unique Satellite Server environments.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:1069\ndid not address all possible flaws in the way Tomcat handles certain\ncharacters and character sequences in cookie values. A remote attacker\ncould use this flaw to obtain sensitive information, such as session\nIDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to\nversion 1 cookies. To reactivate the previous, but insecure behavior,\nadd the following entry to the '/etc/tomcat5/catalina.properties' \nfile :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications running on Tomcat when\nFORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.2 and 5.3 are advised to\nupgrade to these updated tomcat packages, which contain backported\npatches to resolve these issues. Tomcat must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1616\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1616\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"spacewalk-admin-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-5.5.23-0jpp_18rh\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-common-lib-5.5.23-0jpp_18rh\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-jasper-5.5.23-0jpp_18rh\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp_18rh\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-server-lib-5.5.23-0jpp_18rh\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp_18rh\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-common-lib / tomcat5-jasper / tomcat5-jsp-2.0-api / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:44:32", "description": "An updated tomcat package that fixes several security issues is now available for Red Hat Network Satellite Server 5.1.\n\nThis update has been rated as having low security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat component shipped as part of Red Hat Network Satellite Server. In a typical operating environment, Tomcat is not exposed to users of Satellite Server in a vulnerable manner: By default, only Satellite Server applications are running on Tomcat. This update will reduce risk in unique Satellite Server environments.\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade to this updated tomcat package, which contains backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 4 : tomcat in Satellite Server (RHSA-2009:1617)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1617.NASL", "href": "https://www.tenable.com/plugins/nessus/43845", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1617. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43845);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1617\");\n\n script_name(english:\"RHEL 4 : tomcat in Satellite Server (RHSA-2009:1617)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated tomcat package that fixes several security issues is now\navailable for Red Hat Network Satellite Server 5.1.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nThis update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a\ntypical operating environment, Tomcat is not exposed to users of\nSatellite Server in a vulnerable manner: By default, only Satellite\nServer applications are running on Tomcat. This update will reduce\nrisk in unique Satellite Server environments.\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\n\nUsers of Red Hat Network Satellite Server 5.1 are advised to upgrade\nto this updated tomcat package, which contains backported patches to\nresolve these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1617\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1617\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"spacewalk-admin-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-5.0.30-0jpp_16rh\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:54", "description": "This update of tomcat fixes several vulnerabilities :\n\n - RequestDispatcher usage can lead to information leakage.\n (CVE-2008-5515)\n\n - denial of service via AJP connection. (CVE-2009-0033)\n\n - some authentication classes allow user enumeration.\n (CVE-2009-0580)\n\n - XSS bug in example application cal2.jsp. (CVE-2009-0781)\n\n - replacing XML parser leads to information leakage Additionally, non-security bugs were fixed.\n (CVE-2009-0783)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 6352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_TOMCAT5-6352.NASL", "href": "https://www.tenable.com/plugins/nessus/41592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41592);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 6352)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes several vulnerabilities :\n\n - RequestDispatcher usage can lead to information leakage.\n (CVE-2008-5515)\n\n - denial of service via AJP connection. (CVE-2009-0033)\n\n - some authentication classes allow user enumeration.\n (CVE-2009-0580)\n\n - XSS bug in example application cal2.jsp. (CVE-2009-0781)\n\n - replacing XML parser leads to information leakage\n Additionally, non-security bugs were fixed.\n (CVE-2009-0783)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5515.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0033.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0580.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0781.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0783.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6352.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-5.0.30-27.40\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-admin-webapps-5.0.30-27.40\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-webapps-5.0.30-27.40\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:00", "description": "Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-30T00:00:00", "type": "nessus", "title": "Fedora 10 : tomcat6-6.0.20-1.fc10 (2009-11356)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat6", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-11356.NASL", "href": "https://www.tenable.com/plugins/nessus/42902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11356.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42902);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263, 35416);\n script_xref(name:\"FEDORA\", value:\"2009-11356\");\n\n script_name(english:\"Fedora 10 : tomcat6-6.0.20-1.fc10 (2009-11356)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781,\nand CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533903\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031742.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b0d81ca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"tomcat6-6.0.20-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:05", "description": "Multiple security vulnerabilities has been identified and fixed in tomcat5 :\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an XSS flaw due to invalid HTML which renders the XSS filtering protection ineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally Apache Tomcat has been upgraded to the latest 5.5.27 version for 2009.0.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:138)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat5", "p-cpe:/a:mandriva:linux:tomcat5-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat5-common-lib", "p-cpe:/a:mandriva:linux:tomcat5-jasper", "p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse", "p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-server-lib", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-webapps", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-138.NASL", "href": "https://www.tenable.com/plugins/nessus/39486", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:138. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39486);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263, 35416);\n script_xref(name:\"MDVSA\", value:\"2009:138\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:138)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities has been identified and fixed in\ntomcat5 :\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0\nthrough 6.0.18, and possibly earlier versions normalizes the target\npathname before filtering the query string when using the\nRequestDispatcher method, which allows remote attackers to bypass\nintended access restrictions and conduct directory traversal attacks\nvia .. (dot dot) sequences and the WEB-INF directory in a Request\n(CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when FORM authentication is used, allows remote\nattackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering\nprotection ineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than the\ntarget application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this. Additionally\nApache Tomcat has been upgraded to the latest 5.5.27 version for\n2009.0.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-admin-webapps-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-common-lib-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-jasper-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-jasper-eclipse-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-jasper-javadoc-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-jsp-2.0-api-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-server-lib-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-servlet-2.4-api-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tomcat5-webapps-5.5.27-0.3.0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-admin-webapps-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-common-lib-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-jasper-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-jasper-eclipse-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-jasper-javadoc-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-jsp-2.0-api-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-server-lib-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-servlet-2.4-api-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tomcat5-webapps-5.5.27-0.3.0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:00", "description": "Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-30T00:00:00", "type": "nessus", "title": "Fedora 12 : tomcat6-6.0.20-1.fc12 (2009-11352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat6", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-11352.NASL", "href": "https://www.tenable.com/plugins/nessus/42901", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11352.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42901);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263, 35416);\n script_xref(name:\"FEDORA\", value:\"2009-11352\");\n\n script_name(english:\"Fedora 12 : tomcat6-6.0.20-1.fc12 (2009-11352)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781,\nand CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533903\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031712.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4543f1fe\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"tomcat6-6.0.20-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:35", "description": "This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information leakage Additionally, non-security bugs were fixed.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tomcat6 (tomcat6-999)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat6", "p-cpe:/a:novell:opensuse:tomcat6-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat6-docs-webapp", "p-cpe:/a:novell:opensuse:tomcat6-javadoc", "p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:opensuse:tomcat6-lib", "p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:opensuse:tomcat6-webapps", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_TOMCAT6-090613.NASL", "href": "https://www.tenable.com/plugins/nessus/40144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat6-999.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40144);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"openSUSE Security Update : tomcat6 (tomcat6-999)\");\n script_summary(english:\"Check for the tomcat6-999 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to\n information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user\n enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information\n leakage Additionally, non-security bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=418664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=424675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=433852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=485933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509840\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-admin-webapps-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-docs-webapp-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-javadoc-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-jsp-2_1-api-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-lib-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-servlet-2_5-api-6.0.16-6.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-webapps-6.0.16-6.5\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:34", "description": "Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-30T00:00:00", "type": "nessus", "title": "Fedora 11 : tomcat6-6.0.20-1.fc11 (2009-11374)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat6", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-11374.NASL", "href": "https://www.tenable.com/plugins/nessus/42903", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11374.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42903);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263, 35416);\n script_xref(name:\"FEDORA\", value:\"2009-11374\");\n\n script_name(english:\"Fedora 11 : tomcat6-6.0.20-1.fc11 (2009-11374)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781,\nand CVE-2009-0783.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533903\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031652.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cedc61af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"tomcat6-6.0.20-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:09:26", "description": "According to its self-reported version number, the Apache Tomcat server listening on the remote host is prior to 4.1.40, 5.5.28, or 6.0.20. It is, therefore, affected by the following vulnerabilities:\n\n- The remote server is affected by a directory traversal vulnerability if a RequestDispatcher obtained from a Request object is used. A specially crafted value for a request parameter can be used to access potentially sensitive configuration files or other files, e.g., files in the WEB-INF directory. (CVE-2008-5515)\n\n - The remote server is affected by a denial of service vulnerability if configured to use the Java AJP connector. An attacker can send a malicious request with invalid headers which causes the AJP connector to be put into an error state for a short time. This behavior can be used as a denial of service attack. (CVE-2009-0033)\n\n - The remote server is affected by a username enumeration vulnerability if configured to use FORM authentication along with the 'MemoryRealm', 'DataSourceRealm', or 'JDBCRealm' authentication realms. (CVE-2009-0580)\n\n - The remote server is affected by a script injection vulnerability if the example JSP application, 'cal2.jsp', is installed. An unauthenticated, remote attacker can exploit this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site. (CVE-2009-0781)\n\n - The remote server is vulnerable to unauthorized modification of 'web.xml', 'context.xml', or TLD files of arbitrary web applications. This vulnerability allows the XML parser, used to process the XML and TLD files, to be replaced. (CVE-2009-0783)\n\nNote that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2004-08-18T00:00:00", "type": "nessus", "title": "Apache Tomcat 4.1.x < 4.1.40 / 5.5.x < 5.5.28 / 6.0.x < 6.0.20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "5044.PASL", "href": "https://www.tenable.com/plugins/nnm/5044", "sourceData": "Binary data 5044.pasl", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:17:34", "description": "This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information leakage Additionally, non-security bugs were fixed.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tomcat6 (tomcat6-999)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat6", "p-cpe:/a:novell:opensuse:tomcat6-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat6-docs-webapp", "p-cpe:/a:novell:opensuse:tomcat6-javadoc", "p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:opensuse:tomcat6-lib", "p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:opensuse:tomcat6-webapps", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_TOMCAT6-090613.NASL", "href": "https://www.tenable.com/plugins/nessus/40316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat6-999.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40316);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"openSUSE Security Update : tomcat6 (tomcat6-999)\");\n script_summary(english:\"Check for the tomcat6-999 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to\n information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user\n enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information\n leakage Additionally, non-security bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=418664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=424675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=433852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=485933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509840\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-admin-webapps-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-docs-webapp-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-javadoc-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-jsp-2_1-api-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-lib-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-servlet-2_5-api-6.0.18-16.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tomcat6-webapps-6.0.18-16.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:03", "description": "This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information leakage Additionally, non-security bugs were fixed.", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : tomcat55 (tomcat55-6369)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat55", "p-cpe:/a:novell:opensuse:tomcat55-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat55-common-lib", "p-cpe:/a:novell:opensuse:tomcat55-jasper", "p-cpe:/a:novell:opensuse:tomcat55-jasper-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api", "p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-server-lib", "p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api", "p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-webapps", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_TOMCAT55-6369.NASL", "href": "https://www.tenable.com/plugins/nessus/42037", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat55-6369.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42037);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"openSUSE 10 Security Update : tomcat55 (tomcat55-6369)\");\n script_summary(english:\"Check for the tomcat55-6369 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes several vulnerabilities :\n\n - CVE-2008-5515: RequestDispatcher usage can lead to\n information leakage\n\n - CVE-2009-0033: denial of service via AJP connection\n\n - CVE-2009-0580: some authentication classes allow user\n enumeration\n\n - CVE-2009-0781: XSS bug in example application cal2.jsp\n\n - CVE-2009-0783: replacing XML parser leads to information\n leakage Additionally, non-security bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat55 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-admin-webapps-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-common-lib-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jasper-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jasper-javadoc-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jsp-2_0-api-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jsp-2_0-api-javadoc-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-server-lib-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-servlet-2_4-api-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-servlet-2_4-api-javadoc-5.5.23-113.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-webapps-5.5.23-113.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat55 / tomcat55-admin-webapps / tomcat55-common-lib / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:14", "description": "Iida Minehiko discovered that Tomcat did not properly normalise paths.\nA remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content.\n(CVE-2008-5515)\n\nYoshihito Fukuyama discovered that Tomcat did not properly handle errors when the Java AJP connector and mod_jk load balancing are used.\nA remote attacker could send specially crafted requests containing invalid headers to the server and cause a temporary denial of service.\n(CVE-2009-0033)\n\nD. Matscheko and T. Hackner discovered that Tomcat did not properly handle malformed URL encoding of passwords when FORM authentication is used. A remote attacker could exploit this in order to enumerate valid usernames. (CVE-2009-0580)\n\nDeniz Cevik discovered that Tomcat did not properly escape certain parameters in the example calendar application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. (CVE-2009-0781)\n\nPhilippe Prados discovered that Tomcat allowed web applications to replace the XML parser used by other web applications. Local users could exploit this to bypass security restrictions and gain access to certain sensitive files. (CVE-2009-0783).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-06-16T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 / 9.04 : tomcat6 vulnerabilities (USN-788-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libservlet2.5-java", "p-cpe:/a:canonical:ubuntu_linux:libservlet2.5-java-doc", "p-cpe:/a:canonical:ubuntu_linux:libtomcat6-java", "p-cpe:/a:canonical:ubuntu_linux:tomcat6", "p-cpe:/a:canonical:ubuntu_linux:tomcat6-admin", "p-cpe:/a:canonical:ubuntu_linux:tomcat6-common", "p-cpe:/a:canonical:ubuntu_linux:tomcat6-docs", "p-cpe:/a:canonical:ubuntu_linux:tomcat6-examples", "p-cpe:/a:canonical:ubuntu_linux:tomcat6-user", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-788-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39419", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-788-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39419);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263);\n script_xref(name:\"USN\", value:\"788-1\");\n\n script_name(english:\"Ubuntu 8.10 / 9.04 : tomcat6 vulnerabilities (USN-788-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Iida Minehiko discovered that Tomcat did not properly normalise paths.\nA remote attacker could send specially crafted requests to the server\nand bypass security restrictions, gaining access to sensitive content.\n(CVE-2008-5515)\n\nYoshihito Fukuyama discovered that Tomcat did not properly handle\nerrors when the Java AJP connector and mod_jk load balancing are used.\nA remote attacker could send specially crafted requests containing\ninvalid headers to the server and cause a temporary denial of service.\n(CVE-2009-0033)\n\nD. Matscheko and T. Hackner discovered that Tomcat did not properly\nhandle malformed URL encoding of passwords when FORM authentication is\nused. A remote attacker could exploit this in order to enumerate valid\nusernames. (CVE-2009-0580)\n\nDeniz Cevik discovered that Tomcat did not properly escape certain\nparameters in the example calendar application which could result in\nbrowsers becoming vulnerable to cross-site scripting attacks when\nprocessing the output. With cross-site scripting vulnerabilities, if a\nuser were tricked into viewing server output during a crafted server\nrequest, a remote attacker could exploit this to modify the contents,\nor steal confidential data (such as passwords), within the same\ndomain. (CVE-2009-0781)\n\nPhilippe Prados discovered that Tomcat allowed web applications to\nreplace the XML parser used by other web applications. Local users\ncould exploit this to bypass security restrictions and gain access to\ncertain sensitive files. (CVE-2009-0783).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/788-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libservlet2.5-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libservlet2.5-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtomcat6-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat6-user\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libservlet2.5-java\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libtomcat6-java\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6-admin\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6-common\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6-docs\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6-examples\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"tomcat6-user\", pkgver:\"6.0.18-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libservlet2.5-java\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libservlet2.5-java-doc\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libtomcat6-java\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6-admin\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6-common\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6-docs\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6-examples\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"tomcat6-user\", pkgver:\"6.0.18-0ubuntu6.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libservlet2.5-java / libservlet2.5-java-doc / libtomcat6-java / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:06", "description": "This update of tomcat fixes several vulnerabilities :\n\n - RequestDispatcher usage can lead to information leakage.\n (CVE-2008-5515)\n\n - denial of service via AJP connection. (CVE-2009-0033)\n\n - some authentication classes allow user enumeration.\n (CVE-2009-0580)\n\n - XSS bug in example application cal2.jsp. (CVE-2009-0781)\n\n - replacing XML parser leads to information leakage.\n (CVE-2009-0783)\n\nAdditionally, non-security bugs were fixed.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : Tomcat (YOU Patch Number 12460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12460.NASL", "href": "https://www.tenable.com/plugins/nessus/41314", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41314);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n\n script_name(english:\"SuSE9 Security Update : Tomcat (YOU Patch Number 12460)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes several vulnerabilities :\n\n - RequestDispatcher usage can lead to information leakage.\n (CVE-2008-5515)\n\n - denial of service via AJP connection. (CVE-2009-0033)\n\n - some authentication classes allow user enumeration.\n (CVE-2009-0580)\n\n - XSS bug in example application cal2.jsp. (CVE-2009-0781)\n\n - replacing XML parser leads to information leakage.\n (CVE-2009-0783)\n\nAdditionally, non-security bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5515.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0033.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0580.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0781.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0783.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12460.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"apache-jakarta-tomcat-connectors-5.0.19-29.23\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-jakarta-tomcat-connectors-5.0.19-29.23\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-5.0.19-29.23\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-doc-5.0.19-29.23\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-examples-5.0.19-29.23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:47:46", "description": "According to its self-reported version number, the Apache Tomcat server listening on the remote host is prior to 4.1.40, 5.5.28, or 6.0.20. It is, therefore, affected by the following vulnerabilities :\n\n - The remote server is affected by a directory traversal vulnerability if a RequestDispatcher obtained from a Request object is used. A specially crafted value for a request parameter can be used to access potentially sensitive configuration files or other files, e.g., files in the WEB-INF directory. (CVE-2008-5515)\n\n - The remote server is affected by a denial of service vulnerability if configured to use the Java AJP connector. An attacker can send a malicious request with invalid headers which causes the AJP connector to be put into an error state for a short time. This behavior can be used as a denial of service attack. (CVE-2009-0033)\n\n - The remote server is affected by a username enumeration vulnerability if configured to use FORM authentication along with the 'MemoryRealm', 'DataSourceRealm', or 'JDBCRealm' authentication realms. (CVE-2009-0580)\n\n - The remote server is affected by a script injection vulnerability if the example JSP application, 'cal2.jsp', is installed. An unauthenticated, remote attacker can exploit this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site.\n (CVE-2009-0781)\n\n - The remote server is vulnerable to unauthorized modification of 'web.xml', 'context.xml', or TLD files of arbitrary web applications. This vulnerability allows the XML parser, used to process the XML and TLD files, to be replaced. (CVE-2009-0783)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "nessus", "title": "Apache Tomcat < 4.1.40 / 5.5.28 / 6.0.20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_FORM_USER_ENUM.NASL", "href": "https://www.tenable.com/plugins/nessus/46753", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46753);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2008-5515\",\n \"CVE-2009-0033\",\n \"CVE-2009-0580\",\n \"CVE-2009-0781\",\n \"CVE-2009-0783\"\n );\n script_bugtraq_id(\n 35193,\n 35196,\n 35263,\n 35416\n );\n script_xref(name:\"SECUNIA\", value:\"35326\");\n script_xref(name:\"SECUNIA\", value:\"35344\");\n\n script_name(english:\"Apache Tomcat < 4.1.40 / 5.5.28 / 6.0.20 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Apache Tomcat\nserver listening on the remote host is prior to 4.1.40, 5.5.28, or\n6.0.20. It is, therefore, affected by the following vulnerabilities :\n\n - The remote server is affected by a directory traversal\n vulnerability if a RequestDispatcher obtained from a\n Request object is used. A specially crafted value for a\n request parameter can be used to access potentially\n sensitive configuration files or other files, e.g.,\n files in the WEB-INF directory. (CVE-2008-5515)\n\n - The remote server is affected by a denial of service\n vulnerability if configured to use the Java AJP\n connector. An attacker can send a malicious request with\n invalid headers which causes the AJP connector to be put\n into an error state for a short time. This behavior can\n be used as a denial of service attack. (CVE-2009-0033)\n\n - The remote server is affected by a username enumeration\n vulnerability if configured to use FORM authentication\n along with the 'MemoryRealm', 'DataSourceRealm', or\n 'JDBCRealm' authentication realms. (CVE-2009-0580)\n\n - The remote server is affected by a script injection\n vulnerability if the example JSP application,\n 'cal2.jsp', is installed. An unauthenticated, remote\n attacker can exploit this issue to inject arbitrary HTML\n or script code into a user's browser to be executed\n within the security context of the affected site.\n (CVE-2009-0781)\n\n - The remote server is vulnerable to unauthorized\n modification of 'web.xml', 'context.xml', or TLD files\n of arbitrary web applications. This vulnerability allows\n the XML parser, used to process the XML and TLD files,\n to be replaced. (CVE-2009-0783)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/504125\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-4.html#Fixed_in_Apache_Tomcat_4.1.40\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.28\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.20\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 4.1.40 / 5.5.28 / 6.0.20 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-0580\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"D2ExploitPack\");\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:make_list(\"6.0.20\", \"5.5.28\", \"4.1.40\"), severity:SECURITY_WARNING, all_vuln_ceiling: \"4.1.0\", granularity_regex:\"^(6(\\.0)?|5(\\.5)?|4(\\.1)?)$\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:39", "description": "From Red Hat Security Advisory 2009:1164 :\n\nUpdated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: with this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the '/etc/tomcat5/catalina.properties' file :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : tomcat (ELSA-2009-1164)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-2696"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat5", "p-cpe:/a:oracle:linux:tomcat5-admin-webapps", "p-cpe:/a:oracle:linux:tomcat5-common-lib", "p-cpe:/a:oracle:linux:tomcat5-jasper", "p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-server-lib", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-webapps", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1164.NASL", "href": "https://www.tenable.com/plugins/nessus/67895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1164 and \n# Oracle Linux Security Advisory ELSA-2009-1164 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67895);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2696\");\n script_bugtraq_id(27706, 35193, 35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1164\");\n\n script_name(english:\"Oracle Linux 5 : tomcat (ELSA-2009-1164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1164 :\n\nUpdated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871\ndid not address all possible flaws in the way Tomcat handles certain\ncharacters and character sequences in cookie values. A remote attacker\ncould use this flaw to obtain sensitive information, such as session\nIDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to\nversion 1 cookies. To reactivate the previous, but insecure behavior,\nadd the following entry to the '/etc/tomcat5/catalina.properties' \nfile :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications running on Tomcat when\nFORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this\nflaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001082.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:43:42", "description": "Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: with this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the '/etc/tomcat5/catalina.properties' file :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : tomcat (CESA-2009:1164)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-2696"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat5", "p-cpe:/a:centos:centos:tomcat5-admin-webapps", "p-cpe:/a:centos:centos:tomcat5-common-lib", "p-cpe:/a:centos:centos:tomcat5-jasper", "p-cpe:/a:centos:centos:tomcat5-jasper-javadoc", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-server-lib", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-webapps", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-1164.NASL", "href": "https://www.tenable.com/plugins/nessus/43770", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1164 and \n# CentOS Errata and Security Advisory 2009:1164 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43770);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2696\");\n script_bugtraq_id(27706, 35193, 35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1164\");\n\n script_name(english:\"CentOS 5 : tomcat (CESA-2009:1164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871\ndid not address all possible flaws in the way Tomcat handles certain\ncharacters and character sequences in cookie values. A remote attacker\ncould use this flaw to obtain sensitive information, such as session\nIDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to\nversion 1 cookies. To reactivate the previous, but insecure behavior,\nadd the following entry to the '/etc/tomcat5/catalina.properties' \nfile :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications running on Tomcat when\nFORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this\nflaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016048.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e6e0cd0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016049.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?835a0369\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:20:26", "description": "Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: with this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the '/etc/tomcat5/catalina.properties' file :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially crafted requests that would cause a temporary denial of service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files. A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2009-07-22T00:00:00", "type": "nessus", "title": "RHEL 5 : tomcat (RHSA-2009:1164)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-2696"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-1164.NASL", "href": "https://www.tenable.com/plugins/nessus/40342", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1164. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40342);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2696\");\n script_bugtraq_id(27706, 35193, 35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1164\");\n\n script_name(english:\"RHEL 5 : tomcat (RHSA-2009:1164)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871\ndid not address all possible flaws in the way Tomcat handles certain\ncharacters and character sequences in cookie values. A remote attacker\ncould use this flaw to obtain sensitive information, such as session\nIDs, and then use this information for session hijacking attacks.\n(CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to\nversion 1 cookies. To reactivate the previous, but insecure behavior,\nadd the following entry to the '/etc/tomcat5/catalina.properties' \nfile :\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw\nto send specially crafted requests that would cause a temporary denial\nof service. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications running on Tomcat when\nFORM-based authentication was used. (CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this\nflaw to inject arbitrary web script or HTML via the 'time' parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser Tomcat uses to parse\nconfiguration files. A malicious web application running on a Tomcat\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same Tomcat\ninstance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Tomcat must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1164\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1164\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:16:40", "description": "Multiple security vulnerabilities has been identified and fixed in tomcat5 :\n\nWhen Tomcat's WebDAV servlet is configured for use with a context and has been enabled for write, some WebDAV requests that specify an entity with a SYSTEM tag can result in the contents of arbitary files being returned to the client (CVE-2007-5461).\n\nApache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of a duplicate copy of one of the recent requests, as demonstrated by using netcat to send the empty request (CVE-2007-6286).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an XSS flaw due to invalid HTML which renders the XSS filtering protection ineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5461", "CVE-2007-6286", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat5", "p-cpe:/a:mandriva:linux:tomcat5-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat5-common-lib", "p-cpe:/a:mandriva:linux:tomcat5-jasper", "p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse", "p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-server-lib", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-webapps", "cpe:/o:mandriva:linux:2008.1"], "id": "MANDRIVA_MDVSA-2009-136.NASL", "href": "https://www.tenable.com/plugins/nessus/39485", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:136. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39485);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\");\n script_bugtraq_id(35193, 35196, 35263, 35416);\n script_xref(name:\"MDVSA\", value:\"2009:136\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:136)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities has been identified and fixed in\ntomcat5 :\n\nWhen Tomcat's WebDAV servlet is configured for use with a context and\nhas been enabled for write, some WebDAV requests that specify an\nentity with a SYSTEM tag can result in the contents of arbitary files\nbeing returned to the client (CVE-2007-5461).\n\nApache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the\nnative APR connector is used, does not properly handle an empty\nrequest to the SSL port, which allows remote attackers to trigger\nhandling of a duplicate copy of one of the recent requests, as\ndemonstrated by using netcat to send the empty request\n(CVE-2007-6286).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0\nthrough 6.0.18, and possibly earlier versions normalizes the target\npathname before filtering the query string when using the\nRequestDispatcher method, which allows remote attackers to bypass\nintended access restrictions and conduct directory traversal attacks\nvia .. (dot dot) sequences and the WEB-INF directory in a Request\n(CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when FORM authentication is used, allows remote\nattackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nThe calendar application in the examples web application contains an\nXSS flaw due to invalid HTML which renders the XSS filtering\nprotection ineffective (CVE-2009-0781).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than the\ntarget application (CVE-2009-0783).\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-admin-webapps-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-common-lib-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-eclipse-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-javadoc-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-server-lib-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-webapps-5.5.25-1.2.1.3mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:44", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix various issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP07.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications deployed on JBossWeb when FORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser JBossWeb uses to parse configuration files. A malicious web application running on a JBossWeb instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP 'server/[configuration]/deploy/' directory, and any other customized configuration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : JBoss EAP (RHSA-2009:1143)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient", "p-cpe:/a:redhat:enterprise_linux:jboss-cache", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:jbossas-4.2.0.ga_cp07-bin", "p-cpe:/a:redhat:enterprise_linux:jbossas-client", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2009-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/63882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1143. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63882);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1143\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2009:1143)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various issues are now available for Red Hat Enterprise Linux\n5 as JBEAP 4.2.0.CP07.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications deployed on JBossWeb when\nFORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser JBossWeb uses to parse\nconfiguration files. A malicious web application running on a JBossWeb\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same JBossWeb\ninstance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1143\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-4.2.0.GA_CP07-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1143\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-client-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-3.3.1-1.10.1GA_CP01.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-javadoc-3.3.1-1.10.1GA_CP01.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-3.0.0-1jpp.ep1.5.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-javadoc-3.0.0-1jpp.ep1.5.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-3.3.2-2.4.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-javadoc-3.3.2-2.4.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-3.0.0-1jpp.ep1.8.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-javadoc-3.0.0-1jpp.ep1.8.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-slide-webdavclient-2.1-9.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-cache-1.4.1-6.SP13.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-remoting-2.2.3-2.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-1.2.1-1.ep1.13.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-docs-1.2.1-1.ep1.13.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.2.0-4.GA_CP07.5.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.2.0.GA_CP07-bin-4.2.0-4.GA_CP07.5.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-client-4.2.0-4.GA_CP07.5.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossts-4.2.3-1.SP5_CP05.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.0.0-6.CP11.0jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jgroups-2.4.6-1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-4.2.0-5.GA_CP07.ep1.1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-examples-4.2.0-5.GA_CP07.ep1.1.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hibernate3 / hibernate3-annotations / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:59", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix various issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP05.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications deployed on JBossWeb when FORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser JBossWeb uses to parse configuration files. A malicious web application running on a JBossWeb instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP 'server/[configuration]/deploy/' directory, and any other customized configuration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to upgrade to these updated packages.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : JBoss EAP (RHSA-2009:1146)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc", "p-cpe:/a:redhat:enterprise_linux:hsqldb", "p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient", "p-cpe:/a:redhat:enterprise_linux:jboss-cache", "p-cpe:/a:redhat:enterprise_linux:jboss-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:jbossas-4.3.0.ga_cp05-bin", "p-cpe:/a:redhat:enterprise_linux:jbossas-client", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossws", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jbossws-framework", "p-cpe:/a:redhat:enterprise_linux:jbossws-native42", "p-cpe:/a:redhat:enterprise_linux:jbossws-spi", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "p-cpe:/a:redhat:enterprise_linux:xerces-j2", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1146.NASL", "href": "https://www.tenable.com/plugins/nessus/63885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1146. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63885);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1146\");\n\n script_name(english:\"RHEL 4 : JBoss EAP (RHSA-2009:1146)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various issues are now available for Red Hat Enterprise Linux\n4 as JBEAP 4.3.0.CP05.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications deployed on JBossWeb when\nFORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser JBossWeb uses to parse\nconfiguration files. A malicious web application running on a JBossWeb\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same JBossWeb\ninstance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1146\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hsqldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-4.3.0.GA_CP05-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-framework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-native42\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1146\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossas-client-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxb-2.1.4-1.11.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"glassfish-jaxb-javadoc-2.1.4-1.11.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-3.2.4-1.SP1_CP08.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-3.3.1-1.10.GA_CP01.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-javadoc-3.3.1-1.10.GA_CP01.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-3.0.0-1jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-javadoc-3.0.0-1jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-3.3.2-2.4.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-javadoc-3.3.2-2.4.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP08.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-3.0.0-1jpp.ep1.8.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-javadoc-3.0.0-1jpp.ep1.8.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hsqldb-1.8.0.8-2.patch02.1jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jakarta-slide-webdavclient-2.1-9.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-cache-1.4.1-6.SP13.1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-messaging-1.4.0-2.SP3_CP08.1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-remoting-2.2.3-2.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-docs-1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.3.0-4.GA_CP05.6.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.3.0.GA_CP05-bin-4.3.0-4.GA_CP05.6.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-client-4.3.0-4.GA_CP05.6.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossts-4.2.3-1.SP5_CP05.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossweb-2.0.0-6.CP11.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-2.0.1-3.SP2_CP06.3.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-common-1.0.0-2.GA_CP04.1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-framework-2.0.1-1.GA_CP04.2.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-native42-2.0.1-3.SP2_CP06.3.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossws-spi-1.0.0-1.GA_CP02.1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jgroups-2.4.6-1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-4.3.0-5.GA_CP05.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-examples-4.3.0-5.GA_CP05.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xerces-j2-2.7.1-9jpp.ep1.2.el4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaxb / glassfish-jaxb-javadoc / hibernate3 / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:12", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix various issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP05.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications deployed on JBossWeb when FORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser JBossWeb uses to parse configuration files. A malicious web application running on a JBossWeb instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP 'server/[configuration]/deploy/' directory, and any other customized configuration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : JBoss EAP (RHSA-2009:1145)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient", "p-cpe:/a:redhat:enterprise_linux:jboss-cache", "p-cpe:/a:redhat:enterprise_linux:jboss-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:jbossas-4.3.0.ga_cp05-bin", "p-cpe:/a:redhat:enterprise_linux:jbossas-client", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossws", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jbossws-framework", "p-cpe:/a:redhat:enterprise_linux:jbossws-native42", "p-cpe:/a:redhat:enterprise_linux:jbossws-spi", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2009-1145.NASL", "href": "https://www.tenable.com/plugins/nessus/63884", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1145. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63884);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1145\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2009:1145)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages\nthat fix various issues are now available for Red Hat Enterprise Linux\n5 as JBEAP 4.3.0.CP05.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications deployed on JBossWeb when\nFORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser JBossWeb uses to parse\nconfiguration files. A malicious web application running on a JBossWeb\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same JBossWeb\ninstance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to\nupgrade to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1145\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-4.3.0.GA_CP05-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-framework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-native42\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1145\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-client-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxb-2.1.4-1.11.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glassfish-jaxb-javadoc-2.1.4-1.11.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-3.3.1-1.10.1GA_CP01.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-annotations-javadoc-3.3.1-1.10.1GA_CP01.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-3.0.0-1jpp.ep1.5.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-commons-annotations-javadoc-3.0.0-1jpp.ep1.5.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-3.3.2-2.4.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-entitymanager-javadoc-3.3.2-2.4.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-3.0.0-1jpp.ep1.8.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate3-validator-javadoc-3.0.0-1jpp.ep1.8.3.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-slide-webdavclient-2.1-9.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-cache-1.4.1-6.SP13.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-messaging-1.4.0-2.SP3_CP08.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-remoting-2.2.3-2.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam-docs-1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.3.0-4.GA_CP05.6.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-4.3.0.GA_CP05-bin-4.3.0-4.GA_CP05.6.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-client-4.3.0-4.GA_CP05.6.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossts-4.2.3-1.SP5_CP05.1jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.0.0-6.CP11.0jpp.ep1.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-2.0.1-3.SP2_CP06.3.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-common-1.0.0-2.GA_CP04.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-framework-2.0.1-1.GA_CP04.2.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-native42-2.0.1-3.SP2_CP06.3.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossws-spi-1.0.0-1.GA_CP02.1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jgroups-2.4.6-1.ep1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-4.3.0-5.GA_CP05.ep1.2.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rh-eap-docs-examples-4.3.0-5.GA_CP05.ep1.2.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glassfish-jaxb / glassfish-jaxb-javadoc / hibernate3 / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:58", "description": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix various issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP07.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially crafted requests that would cause an information leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute-force methods) usernames registered with applications deployed on JBossWeb when FORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers could replace the XML parser JBossWeb uses to parse configuration files. A malicious web application running on a JBossWeb instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP 'server/[configuration]/deploy/' directory, and any other customized configuration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to upgrade to these updated packages.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : JBoss EAP (RHSA-2009:1144)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0580", "CVE-2009-0783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:hibernate3", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations", "p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator", "p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc", "p-cpe:/a:redhat:enterprise_linux:hsqldb", "p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient", "p-cpe:/a:redhat:enterprise_linux:jboss-cache", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-seam", "p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs", "p-cpe:/a:redhat:enterprise_linux:jbossas", "p-cpe:/a:redhat:enterprise_linux:jbossas-4.2.0.ga_cp07-bin", "p-cpe:/a:redhat:enterprise_linux:jbossas-client", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs", "p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples", "p-cpe:/a:redhat:enterprise_linux:xerces-j2", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1144.NASL", "href": "https://www.tenable.com/plugins/nessus/63883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1144. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63883);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0580\", \"CVE-2009-0783\");\n script_bugtraq_id(35196, 35263, 35416);\n script_xref(name:\"RHSA\", value:\"2009:1144\");\n\n script_name(english:\"RHEL 4 : JBoss EAP (RHSA-2009:1144)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages\nthat fix various issues are now available for Red Hat Enterprise Linux\n4 as JBEAP 4.2.0.CP07.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nJBoss Enterprise Application Platform is the market leading platform\nfor innovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a\ncomplete, simple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is\navailable below in the References section of this errata.\n\nThe following security issues are also fixed with this release :\n\nIt was discovered that request dispatchers did not properly normalize\nuser requests that have trailing query strings, allowing remote\nattackers to send specially crafted requests that would cause an\ninformation leak. (CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain\nauthentication classes did not have sufficient error checking,\nallowing remote attackers to enumerate (via brute-force methods)\nusernames registered with applications deployed on JBossWeb when\nFORM-based authentication was used. (CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML\nparsers could replace the XML parser JBossWeb uses to parse\nconfiguration files. A malicious web application running on a JBossWeb\ninstance could read or, potentially, modify the configuration and\nXML-based data of other web applications deployed on the same JBossWeb\ninstance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n'server/[configuration]/deploy/' directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to\nupgrade to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0783\"\n );\n # http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13c46bfa\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1144\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-entitymanager-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate3-validator-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hsqldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-slide-webdavclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-4.2.0.GA_CP07-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eap-docs-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1144\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossas-client-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-3.2.4-1.SP1_CP08.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-3.3.1-1.10.GA_CP01.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-annotations-javadoc-3.3.1-1.10.GA_CP01.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-3.0.0-1jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-commons-annotations-javadoc-3.0.0-1jpp.ep1.5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-3.3.2-2.4.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-entitymanager-javadoc-3.3.2-2.4.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-javadoc-3.2.4-1.SP1_CP08.0jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-3.0.0-1jpp.ep1.8.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hibernate3-validator-javadoc-3.0.0-1jpp.ep1.8.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"hsqldb-1.8.0.8-2.patch02.1jpp.ep1.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jakarta-slide-webdavclient-2.1-9.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-cache-1.4.1-6.SP13.1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-remoting-2.2.3-2.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-1.2.1-1.ep1.19.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam-docs-1.2.1-1.ep1.19.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.2.0-4.GA_CP07.5.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-4.2.0.GA_CP07-bin-4.2.0-4.GA_CP07.5.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossas-client-4.2.0-4.GA_CP07.5.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossts-4.2.3-1.SP5_CP05.1jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossweb-2.0.0-6.CP11.0jpp.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jgroups-2.4.6-1.ep1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-4.2.0-5.GA_CP07.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rh-eap-docs-examples-4.2.0-5.GA_CP07.ep1.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xerces-j2-2.7.1-9jpp.ep1.2.el4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hibernate3 / hibernate3-annotations / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:33", "description": "Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal. Further details on the individual security issues can be found on the Apache Tomcat 5 vulnerabilities page.", "cvss3": {}, "published": "2011-03-30T00:00:00", "type": "nessus", "title": "Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-2693", "CVE-2009-2902", "CVE-2010-1157", "CVE-2010-2227"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tomcat5.5", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2207.NASL", "href": "https://www.tenable.com/plugins/nessus/53212", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2207. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53212);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_bugtraq_id(35193, 35196, 35263, 35416, 37944, 37945, 39635, 41544);\n script_xref(name:\"DSA\", value:\"2207\");\n\n script_name(english:\"Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been discovered in the Tomcat Servlet and\nJSP engine, resulting in denial of service, cross-site scripting,\ninformation disclosure and WAR file traversal. Further details on the\nindividual security issues can be found on the Apache Tomcat 5\nvulnerabilities page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2207\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat5.5 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.5.26-5lenny2.\n\nThe stable distribution (squeeze) no longer contains tomcat5.5.\ntomcat6 is already fixed.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tomcat5.5\", reference:\"5.5.26-5lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:51:25", "description": "Multiple vulnerabilities has been found and corrected in tomcat5 :\n\nApache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (') characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE:\nthis issue exists because of an incomplete fix for CVE-2007-3385 (CVE-2007-5333).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request (CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter (CVE-2009-0580).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application (CVE-2009-0783).\n\nDirectory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).\n\nThe autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests (CVE-2009-2901).\n\nDirectory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename (CVE-2009-2902).\n\nApache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply (CVE-2010-1157).\n\nApache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with recycling of a buffer. (CVE-2010-2227)\n\nPackages for 2008.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2010-09-13T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat5 (MDVSA-2010:176)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3385", "CVE-2007-5333", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0783", "CVE-2009-2693", "CVE-2009-2901", "CVE-2009-2902", "CVE-2010-1157", "CVE-2010-2227"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat5", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-server-lib", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-webapps", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:tomcat5-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat5-common-lib", "p-cpe:/a:mandriva:linux:tomcat5-jasper", "p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc"], "id": "MANDRIVA_MDVSA-2010-176.NASL", "href": "https://www.tenable.com/plugins/nessus/49206", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:176. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49206);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5333\", \"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_bugtraq_id(27706, 35193, 35196, 35263, 35416, 37942, 37944, 37945, 39635, 41544);\n script_xref(name:\"MDVSA\", value:\"2010:176\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat5 (MDVSA-2010:176)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in tomcat5 :\n\nApache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0\nthrough 4.1.36 does not properly handle (1) double quote (')\ncharacters or (2) %5C (encoded backslash) sequences in a cookie value,\nwhich might cause sensitive information such as session IDs to be\nleaked to remote attackers and enable session hijacking attacks. NOTE:\nthis issue exists because of an incomplete fix for CVE-2007-3385\n(CVE-2007-5333).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0\nthrough 6.0.18, and possibly earlier versions normalizes the target\npathname before filtering the query string when using the\nRequestDispatcher method, which allows remote attackers to bypass\nintended access restrictions and conduct directory traversal attacks\nvia .. (dot dot) sequences and the WEB-INF directory in a Request\n(CVE-2008-5515).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when the Java AJP connector and mod_jk load balancing\nare used, allows remote attackers to cause a denial of service\n(application outage) via a crafted request with invalid headers,\nrelated to temporary blocking of connectors that have encountered\nerrors, as demonstrated by an error involving a malformed HTTP Host\nheader (CVE-2009-0033).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18, when FORM authentication is used, allows remote\nattackers to enumerate valid usernames via requests to\n/j_security_check with malformed URL encoding of passwords, related to\nimproper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\nand (3) JDBCRealm authentication realms, as demonstrated by a %\n(percent) value for the j_password parameter (CVE-2009-0580).\n\nApache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\nthrough 6.0.18 permits web applications to replace an XML parser used\nfor other web applications, which allows local users to read or modify\nthe (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\napplications via a crafted application that is loaded earlier than the\ntarget application (CVE-2009-0783).\n\nDirectory traversal vulnerability in Apache Tomcat 5.5.0 through\n5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or\noverwrite arbitrary files via a .. (dot dot) in an entry in a WAR\nfile, as demonstrated by a ../../bin/catalina.bat entry\n(CVE-2009-2693).\n\nThe autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and\n6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase\nfiles that remain from a failed undeploy, which might allow remote\nattackers to bypass intended authentication requirements via HTTP\nrequests (CVE-2009-2901).\n\nDirectory traversal vulnerability in Apache Tomcat 5.5.0 through\n5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete\nwork-directory files via directory traversal sequences in a WAR\nfilename, as demonstrated by the ...war filename (CVE-2009-2902).\n\nApache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might\nallow remote attackers to discover the server's hostname or IP address\nby sending a request for a resource that requires (1) BASIC or (2)\nDIGEST authentication, and then reading the realm field in the\nWWW-Authenticate header in the reply (CVE-2010-1157).\n\nApache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0\nbeta does not properly handle an invalid Transfer-Encoding header,\nwhich allows remote attackers to cause a denial of service\n(application outage) or obtain sensitive information via a crafted\nheader that interferes with recycling of a buffer. (CVE-2010-2227)\n\nPackages for 2008.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-admin-webapps-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-common-lib-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-javadoc-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-5.5.23-9.2.10.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.3mdv2008