ID de Prueba:	1.3.6.1.4.1.25623.1.0.65122
Categoría:	SuSE Local Security Checks
Título:	SLES9: Security update for Tomcat
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache-jakarta-tomcat-connectors apache2-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5035120 within the SuSE Enterprise Server 9 patch database at http://download.novell.com/patch/finder/ Solution: Please install the updates provided by SuSE. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2938 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html BugTraq ID: 30633 http://www.securityfocus.com/bid/30633 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080811 Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/495318/100/0/threaded Bugtraq: 20091107 ToutVirtual VirtualIQ Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/507729/100/0/threaded CERT/CC vulnerability note: VU#343355 http://www.kb.cert.org/vuls/id/343355 https://www.exploit-db.com/exploits/6229 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html HPdes Security Advisory: HPSBUX02401 http://marc.info/?l=bugtraq&m=123376588623823&w=2 HPdes Security Advisory: SSRT090005 http://www.mandriva.com/security/advisories?name=MDVSA-2008:188 http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587 http://www.redhat.com/support/errata/RHSA-2008-0648.html http://www.redhat.com/support/errata/RHSA-2008-0862.html http://www.redhat.com/support/errata/RHSA-2008-0864.html http://www.securitytracker.com/id?1020665 http://secunia.com/advisories/31639 http://secunia.com/advisories/31865 http://secunia.com/advisories/31891 http://secunia.com/advisories/31982 http://secunia.com/advisories/32120 http://secunia.com/advisories/32222 http://secunia.com/advisories/32266 http://secunia.com/advisories/33797 http://secunia.com/advisories/37297 http://securityreason.com/securityalert/4148 SuSE Security Announcement: SUSE-SR:2008:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2008/2343 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2008/2823 http://www.vupen.com/english/advisories/2009/0320 XForce ISS Database: tomcat-allowlinking-utf8-directory-traversal(44411) https://exchange.xforce.ibmcloud.com/vulnerabilities/44411
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.