Lucene search
Copyright (C) 2016 Greenbone AGOPENVAS:1361412562310872150HistoryDec 16, 2016 - 12:00 a.m.
Fedora Update for tomcat FEDORA-2016-9c33466fbb
2016-12-1600:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
26
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.251 Low
EPSS
Percentile
96.6%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.872150");
script_version("2023-05-18T09:08:59+0000");
script_tag(name:"last_modification", value:"2023-05-18 09:08:59 +0000 (Thu, 18 May 2023)");
script_tag(name:"creation_date", value:"2016-12-16 06:03:12 +0100 (Fri, 16 Dec 2016)");
script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
script_cve_id("CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-10-05 22:15:00 +0000 (Mon, 05 Oct 2020)");
script_tag(name:"qod_type", value:"package");
script_name("Fedora Update for tomcat FEDORA-2016-9c33466fbb");
script_tag(name:"summary", value:"The remote host is missing an update for the 'tomcat'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"affected", value:"tomcat on Fedora 23");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"FEDORA", value:"2016-9c33466fbb");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PENNFBRKLWKJB57BLHAVVE7N7SNJZAAG");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone AG");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC23");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC23")
{
if ((res = isrpmvuln(pkg:"tomcat", rpm:"tomcat~8.0.39~1.fc23", rls:"FC23")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Related
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.39-1.fc25
2016-12-14 21:31:31
[SECURITY] Fedora 24 Update: tomcat-8.0.39-1.fc24
2016-12-14 22:57:34
[SECURITY] Fedora 23 Update: tomcat-8.0.39-1.fc23
2016-12-15 01:21:03
openvas
openvas
Fedora Update for tomcat FEDORA-2016-98cca07999
2016-12-16 00:00:00
Fedora Update for tomcat FEDORA-2016-a98c560116
2016-12-16 00:00:00
Mageia: Security Advisory (MGASA-2016-0417)
2022-01-28 00:00:00
ibm
ibm
nessus
nessus
Fedora 23 : 1:tomcat (2016-9c33466fbb)
2016-12-15 00:00:00
Fedora 24 : 1:tomcat (2016-a98c560116)
2016-12-16 00:00:00
Apache Tomcat 8.5.x < 8.5.8 / 9.0.0.x < 9.0.0.M13 Multiple Vulnerabilities
2017-01-24 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 9.0.0.M13
2016-11-08 00:00:00
Fixed in Apache Tomcat 8.5.8
2016-11-08 00:00:00
Fixed in Apache Tomcat 8.0.39
2016-11-14 00:00:00
freebsd
freebsd
tomcat -- multiple vulnerabilities
2016-11-22 00:00:00
amazon
amazon
Important: tomcat6
2016-12-15 00:41:00
Important: tomcat7
2016-12-15 00:48:00
Important: tomcat8
2016-12-15 00:50:00
archlinux
archlinux
[ASA-201611-22] tomcat6: multiple issues
2016-11-23 00:00:00
mageia
mageia
Updated tomcat package fixes security vulnerabilities
2016-12-12 01:44:05
debian
debian
[SECURITY] [DSA 3739-1] tomcat8 security update
2016-12-18 09:12:31
[SECURITY] [DSA 3738-1] tomcat7 security update
2016-12-18 09:12:10
[SECURITY] [DSA 3739-1] tomcat8 security update
2016-12-18 09:12:31
redhatcve
redhatcve
github
github
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
2022-05-14 01:10:16
Improper Input Validation in Apache Tomcat
2022-05-13 01:14:53
Apache Tomcat Improper Access Control vulnerability
2022-05-13 01:14:52
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Remote Code Execution (CVE-2016-8735)
2020-03-27 00:00:00
f5
f5
SOL49820145 - Apache Tomcat vulnerability CVE-2016-8735
2016-12-01 00:00:00
K49160100 : Apache Tomcat vulnerability CVE-2016-6817
2016-12-02 00:00:00
SOL49160100 - Apache Tomcat vulnerability CVE-2016-6817
2016-12-02 00:00:00
osv
osv
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
2022-05-14 01:10:16
CVE-2016-6817
2017-08-10 22:29:00
Improper Input Validation in Apache Tomcat
2022-05-13 01:14:53
seebug
seebug
Apache Tomcat denial of service vulnerability, CVE-2016-6817)
2017-02-13 00:00:00
Apache Tomcat information disclosure Vulnerability, CVE-2016-6816)
2017-02-13 00:00:00
Apache Tomcat Remote Code Execution(CVE-2016-8735)
2016-11-25 00:00:00
cve
cve
debiancve
debiancve
prion
prion
Design/Logic Flaw
2017-08-10 22:29:00
Design/Logic Flaw
2017-03-20 18:59:00
Remote code execution
2017-04-06 21:59:00
ubuntucve
ubuntucve
exploitpack
exploitpack
Apache Tomcat 6789 - Information Disclosure
2017-04-04 00:00:00
packetstorm
packetstorm
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
2017-04-04 00:00:00
zdt
zdt
Apache Tomcat 6/7/8/9 - Information Disclosure Vulnerability
2017-04-03 00:00:00
veracode
veracode
Cross-site Scripting (XSS) Or Information Disclosure
2019-01-15 09:15:22
Denial Of Service (DoS) Via Infinite Loop
2017-02-22 02:23:40
exploitdb
exploitdb
Apache Tomcat 6/7/8/9 - Information Disclosure
2017-04-04 00:00:00
suse
suse
Security update for tomcat (important)
2016-12-14 01:28:16
Security update for tomcat (important)
2016-12-10 23:07:49
Security update for tomcat (important)
2016-12-10 23:11:58
attackerkb
attackerkb
CVE-2016-8735
2017-04-06 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2020-09-30 00:00:00
Tomcat regression
2017-02-02 00:00:00
Tomcat vulnerabilities
2017-01-23 00:00:00
cisa_kev
cisa_kev
Apache Tomcat Remote Code Execution Vulnerability
2023-05-12 00:00:00
redhat
redhat
(RHSA-2017:0527) Moderate: tomcat6 security update
2017-03-15 12:06:21
(RHSA-2017:0935) Moderate: tomcat security update
2017-04-12 13:36:04
oraclelinux
oraclelinux
tomcat6 security update
2017-03-15 00:00:00
tomcat security update
2017-04-12 00:00:00
centos
centos
tomcat security update
2017-04-13 11:00:11
tomcat6 security update
2017-03-17 14:19:39
atlassian
atlassian
Update bundled Apache Tomcat due to security vulnerabilities
2017-04-17 08:48:35
Update bundled Apache Tomcat due to security vulnerabilities
2017-04-17 08:48:35
photon
photon
kitploit
kitploit
pentestit
pentestit
JexBoss: Java Deserialization Verification & EXploitation Tool!
2017-08-11 06:52:45
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.251 Low
EPSS
Percentile
96.6%
Related for OPENVAS:1361412562310872150