ID de Prueba:	1.3.6.1.4.1.25623.1.0.62192
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2007:0871 (tomcat)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to tomcat announced in advisory CESA-2007:0871. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2007:0871 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2007:0871 https://rhn.redhat.com/errata/RHSA-2007-0871.html Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3382 AIX APAR: IZ55562 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html BugTraq ID: 25316 http://www.securityfocus.com/bid/25316 Bugtraq: 20070814 CVE-2007-3382: Handling of cookies containing a ' character (Google Search) http://www.securityfocus.com/archive/1/476442/100/0/threaded Bugtraq: 20070814 Re: CVE-2007-3382: Handling of cookies containing a ' character (Google Search) http://www.securityfocus.com/archive/1/476466/100/0/threaded Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/500396/100/0/threaded Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search) http://www.securityfocus.com/archive/1/500412/100/0/threaded CERT/CC vulnerability note: VU#993544 http://www.kb.cert.org/vuls/id/993544 Debian Security Information: DSA-1447 (Google Search) http://www.debian.org/security/2008/dsa-1447 Debian Security Information: DSA-1453 (Google Search) http://www.debian.org/security/2008/dsa-1453 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html HPdes Security Advisory: HPSBTU02276 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554 HPdes Security Advisory: HPSBUX02262 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HPdes Security Advisory: SSRT071447 HPdes Security Advisory: SSRT071472 http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11269 http://www.redhat.com/support/errata/RHSA-2007-0871.html http://www.redhat.com/support/errata/RHSA-2007-0950.html http://www.redhat.com/support/errata/RHSA-2008-0195.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://securitytracker.com/id?1018556 http://secunia.com/advisories/26466 http://secunia.com/advisories/26898 http://secunia.com/advisories/27037 http://secunia.com/advisories/27267 http://secunia.com/advisories/27727 http://secunia.com/advisories/28317 http://secunia.com/advisories/28361 http://secunia.com/advisories/29242 http://secunia.com/advisories/30802 http://secunia.com/advisories/33668 http://secunia.com/advisories/36486 SuSE Security Announcement: SUSE-SR:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2007/2902 http://www.vupen.com/english/advisories/2007/3386 http://www.vupen.com/english/advisories/2007/3527 http://www.vupen.com/english/advisories/2008/1981/references http://www.vupen.com/english/advisories/2009/0233 XForce ISS Database: tomcat-quotecookie-information-disclosure(36006) https://exchange.xforce.ibmcloud.com/vulnerabilities/36006 Common Vulnerability Exposure (CVE) ID: CVE-2007-3385 Bugtraq: 20070814 CVE-2007-3385: Handling of \" in cookies (Google Search) http://www.securityfocus.com/archive/1/476444/100/0/threaded https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549 http://securitytracker.com/id?1018557 http://secunia.com/advisories/44183 http://securityreason.com/securityalert/3011 XForce ISS Database: tomcat-slashcookie-information-disclosure(35999) https://exchange.xforce.ibmcloud.com/vulnerabilities/35999 Common Vulnerability Exposure (CVE) ID: CVE-2007-3386 BugTraq ID: 25314 http://www.securityfocus.com/bid/25314 Bugtraq: 20070814 CVE-2007-3386: XSS in Host Manager (Google Search) http://www.securityfocus.com/archive/1/476448/100/0/threaded http://jvn.jp/jp/JVN%2359851336/index.html http://osvdb.org/36417 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10077 http://securitytracker.com/id?1018558 http://secunia.com/advisories/26465 http://securityreason.com/securityalert/3010 http://www.vupen.com/english/advisories/2007/2880 XForce ISS Database: tomcat-hostmanager-alias-xss(36001) https://exchange.xforce.ibmcloud.com/vulnerabilities/36001
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.