Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20120411_TOMCAT6_ON_SL6.NASL
HistoryAug 01, 2012 - 12:00 a.m.

Scientific Linux Security Update : tomcat6 on SL6.x (20120411)

2012-08-0100:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

It was found that the Java hashCode() method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time by sending an HTTP request with a large number of parameters whose names map to the same hash value. This update introduces a limit on the number of parameters processed per request to mitigate this issue.
The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2011-4858)

It was found that Tomcat did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make Tomcat use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values.
This update introduces limits on the number of parameters and headers processed per request to address this issue. Refer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2012-0022)

Users of Tomcat should upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61300);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2011-4858", "CVE-2012-0022");

  script_name(english:"Scientific Linux Security Update : tomcat6 on SL6.x (20120411)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Apache Tomcat is a servlet container for the Java Servlet and
JavaServer Pages (JSP) technologies.

It was found that the Java hashCode() method implementation was
susceptible to predictable hash collisions. A remote attacker could
use this flaw to cause Tomcat to use an excessive amount of CPU time
by sending an HTTP request with a large number of parameters whose
names map to the same hash value. This update introduces a limit on
the number of parameters processed per request to mitigate this issue.
The default limit is 512 for parameters and 128 for headers. These
defaults can be changed by setting the
org.apache.tomcat.util.http.Parameters.MAX_COUNT and
org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2011-4858)

It was found that Tomcat did not handle large numbers of parameters
and large parameter values efficiently. A remote attacker could make
Tomcat use an excessive amount of CPU time by sending an HTTP request
containing a large number of parameters or large parameter values.
This update introduces limits on the number of parameters and headers
processed per request to address this issue. Refer to the
CVE-2011-4858 description for information about the
org.apache.tomcat.util.http.Parameters.MAX_COUNT and
org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2012-0022) 

Users of Tomcat should upgrade to these updated packages, which
correct these issues. Tomcat must be restarted for this update to take
effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1204&L=scientific-linux-errata&T=0&P=1107
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?abd1b6da"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-admin-webapps");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-docs-webapp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-el-2.1-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-jsp-2.1-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-lib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-servlet-2.5-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:tomcat6-webapps");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/04/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"tomcat6-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-admin-webapps-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-docs-webapp-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-el-2.1-api-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-javadoc-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-jsp-2.1-api-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-lib-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-servlet-2.5-api-6.0.24-36.el6_2")) flag++;
if (rpm_check(release:"SL6", reference:"tomcat6-webapps-6.0.24-36.el6_2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxtomcat6p-cpe:/a:fermilab:scientific_linux:tomcat6
fermilabscientific_linuxtomcat6-admin-webappsp-cpe:/a:fermilab:scientific_linux:tomcat6-admin-webapps
fermilabscientific_linuxtomcat6-docs-webappp-cpe:/a:fermilab:scientific_linux:tomcat6-docs-webapp
fermilabscientific_linuxtomcat6-el-2.1-apip-cpe:/a:fermilab:scientific_linux:tomcat6-el-2.1-api
fermilabscientific_linuxtomcat6-javadocp-cpe:/a:fermilab:scientific_linux:tomcat6-javadoc
fermilabscientific_linuxtomcat6-jsp-2.1-apip-cpe:/a:fermilab:scientific_linux:tomcat6-jsp-2.1-api
fermilabscientific_linuxtomcat6-libp-cpe:/a:fermilab:scientific_linux:tomcat6-lib
fermilabscientific_linuxtomcat6-servlet-2.5-apip-cpe:/a:fermilab:scientific_linux:tomcat6-servlet-2.5-api
fermilabscientific_linuxtomcat6-webappsp-cpe:/a:fermilab:scientific_linux:tomcat6-webapps
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

nessus 30
openvas 28
debiancve 2
oraclelinux 2
ubuntucve 2
centos 2
osv 3
redhat 11
github 2
cve 3
prion 2
ubuntu 1
checkpoint_advisories 1
seebug 2
tomcat 3
freebsd 1
securityvulns 6
ibm 7
debian 1
exploitpack 1
exploitdb 1
vmware 2
gentoo 1
oracle 1
nessus
nessus
Apache Tomcat 7.x < 7.0.23 Hash Collision DoS
2012-01-13 00:00:00
Oracle Solaris Third-Party Patch Update : tomcat (multiple_denial_of_service_dos)
2015-01-19 00:00:00
Mandriva Linux Security Advisory : tomcat5 (MDVSA-2012:085)
2012-05-31 00:00:00
openvas
openvas
RedHat Update for tomcat5 RHSA-2012:0474-01
2012-04-13 00:00:00
RedHat Update for tomcat6 RHSA-2012:0475-01
2012-07-09 00:00:00
RedHat Update for tomcat6 RHSA-2012:0475-01
2012-07-09 00:00:00
debiancve
debiancve
CVE-2012-0022
2012-01-19 04:01:00
CVE-2011-4858
2012-01-05 19:55:00
oraclelinux
oraclelinux
tomcat6 security update
2012-04-11 00:00:00
tomcat5 security update
2012-04-11 00:00:00
ubuntucve
ubuntucve
CVE-2012-0022
2012-01-18 00:00:00
CVE-2011-4858
2012-01-05 00:00:00
centos
centos
tomcat6 security update
2012-04-11 20:13:41
tomcat5 security update
2012-04-11 19:16:37
osv
osv
Denial of Service in Apache Tomcat
2022-05-04 00:27:43
Improper Input Validation in Apache Tomcat
2022-05-14 03:52:45
tomcat6 - several
2012-02-02 00:00:00
redhat
redhat
(RHSA-2012:0474) Moderate: tomcat5 security update
2012-04-11 00:00:00
(RHSA-2012:0475) Moderate: tomcat6 security update
2012-04-11 00:00:00
(RHSA-2012:1331) Moderate: JBoss Operations Network 3.1.1 update
2012-10-03 15:08:03
github
github
Denial of Service in Apache Tomcat
2022-05-04 00:27:43
Improper Input Validation in Apache Tomcat
2022-05-14 03:52:45
cve
cve
CVE-2012-0022
2012-01-19 04:01:00
CVE-2011-4858
2012-01-05 19:55:00
CVE-2011-4084
2011-12-30 01:55:00
prion
prion
Design/Logic Flaw
2012-01-19 04:01:00
Code injection
2012-01-05 19:55:00
ubuntu
ubuntu
Tomcat vulnerabilities
2012-02-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Parameter Hash Collision Denial of Service - Ver2 (CVE-2011-4858)
2014-04-16 00:00:00
seebug
seebug
Apache Tomcat Large Number Denial Of Service
2012-01-18 00:00:00
PHP Hash Table Collision Proof Of Concept
2014-07-01 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.35
2012-01-16 00:00:00
Fixed in Apache Tomcat 7.0.23
2011-11-25 00:00:00
Fixed in Apache Tomcat 6.0.35
2011-12-05 00:00:00
freebsd
freebsd
tomcat -- Denial of Service
2011-10-21 00:00:00
securityvulns
securityvulns
Apache Tomcat security vulnerabilities
2012-01-20 00:00:00
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I &#40;NNMi&#41; for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service &#40;DoS&#41;, Unauthorized Access, Execution of Arbitrary Code
2013-07-29 00:00:00
VMWare applications multiple security vulnerabilities
2012-03-20 00:00:00
ibm
ibm
Security Bulletin: Tivoli Key Lifecycle Manager can be affected by multiple vulnerabilities in Tivoli Integrated Portal (CVE-2013-0464, CVE-2012-3325, CVE-2011-4858)
2022-09-25 21:06:56
Security Bulletin: Tivoli Workload Dynamic Console Vulnerability exposure in Tivoli Integrated Portal component
2022-09-26 03:29:56
Security Bulletin: Tivoli Storage Productivity Center, multiple security vulnerabilities in IBM Tivoli Integrated Portal (CVE-2013-0464, CVE-2012-3325, CVE-2011-4858)
2022-09-26 22:21:32
debian
debian
[SECURITY] [DSA 2401-1] tomcat6 security update
2012-02-02 19:29:50
exploitpack
exploitpack
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
exploitdb
exploitdb
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
vmware
vmware
VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues
2012-03-15 00:00:00
VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
2012-03-15 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2012-06-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2013
2013-01-15 00:00:00
JSON
Related for SL_20120411_TOMCAT6_ON_SL6.NASL
nessus30openvas28debiancve2oraclelinux2ubuntucve2centos2osv3redhat11github2cve3prion2ubuntu1checkpoint_advisories1seebug2tomcat3freebsd1securityvulns6ibm7debian1exploitpack1exploitdb1vmware2gentoo1oracle1