ID de Prueba:	1.3.6.1.4.1.25623.1.0.70752
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: tomcat
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: tomcat CVE-2012-0022 Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0022 BugTraq ID: 51447 http://www.securityfocus.com/bid/51447 Bugtraq: 20120117 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-01/0112.html Debian Security Information: DSA-2401 (Google Search) http://www.debian.org/security/2012/dsa-2401 HPdes Security Advisory: HPSBMU02747 http://marc.info/?l=bugtraq&m=133294394108746&w=2 HPdes Security Advisory: HPSBUX02741 http://marc.info/?l=bugtraq&m=132871655717248&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100728 HPdes Security Advisory: SSRT100771 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2012:085 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934 RedHat Security Advisories: RHSA-2012:0074 http://rhn.redhat.com/errata/RHSA-2012-0074.html RedHat Security Advisories: RHSA-2012:0075 http://rhn.redhat.com/errata/RHSA-2012-0075.html RedHat Security Advisories: RHSA-2012:0076 http://rhn.redhat.com/errata/RHSA-2012-0076.html RedHat Security Advisories: RHSA-2012:0077 http://rhn.redhat.com/errata/RHSA-2012-0077.html RedHat Security Advisories: RHSA-2012:0078 http://rhn.redhat.com/errata/RHSA-2012-0078.html RedHat Security Advisories: RHSA-2012:0325 http://rhn.redhat.com/errata/RHSA-2012-0325.html RedHat Security Advisories: RHSA-2012:0345 http://rhn.redhat.com/errata/RHSA-2012-0345.html RedHat Security Advisories: RHSA-2012:1331 http://rhn.redhat.com/errata/RHSA-2012-1331.html http://secunia.com/advisories/48213 http://secunia.com/advisories/48549 http://secunia.com/advisories/48790 http://secunia.com/advisories/48791 http://secunia.com/advisories/50863 XForce ISS Database: apache-tomcat-parameter-dos(72425) https://exchange.xforce.ibmcloud.com/vulnerabilities/72425
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.