ID de Prueba:	1.3.6.1.4.1.25623.1.0.851553
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for tomcat (openSUSE-SU-2017:1292-1)
Resumen:	The remote host is missing an update for the 'tomcat'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat' package(s) announced via the referenced advisory. Vulnerability Insight: This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure (bsc#1033448) - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure (bsc#1033447) - CVE-2016-8745 shared Processor on Connector code could lead to information disclosure (bsc#1015119) This update was imported from the SUSE:SLE-12-SP1:Update and SUSE:SLE-12-SP2:Update update projects. Affected Software/OS: tomcat on openSUSE Leap 42.2, openSUSE Leap 42.1 Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8745 BugTraq ID: 94828 http://www.securityfocus.com/bid/94828 Debian Security Information: DSA-3754 (Google Search) http://www.debian.org/security/2017/dsa-3754 Debian Security Information: DSA-3755 (Google Search) http://www.debian.org/security/2017/dsa-3755 https://security.gentoo.org/glsa/201705-09 https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0455 RedHat Security Advisories: RHSA-2017:0456 https://access.redhat.com/errata/RHSA-2017:0456 RedHat Security Advisories: RHSA-2017:0457 http://rhn.redhat.com/errata/RHSA-2017-0457.html RedHat Security Advisories: RHSA-2017:0527 http://rhn.redhat.com/errata/RHSA-2017-0527.html RedHat Security Advisories: RHSA-2017:0935 https://access.redhat.com/errata/RHSA-2017:0935 http://www.securitytracker.com/id/1037432 Common Vulnerability Exposure (CVE) ID: CVE-2017-5647 Debian Security Information: DSA-3842 (Google Search) http://www.debian.org/security/2017/dsa-3842 Debian Security Information: DSA-3843 (Google Search) http://www.debian.org/security/2017/dsa-3843 https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a@%3Cusers.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RedHat Security Advisories: RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 RedHat Security Advisories: RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493 RedHat Security Advisories: RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494 RedHat Security Advisories: RHSA-2017:3080 https://access.redhat.com/errata/RHSA-2017:3080 RedHat Security Advisories: RHSA-2017:3081 https://access.redhat.com/errata/RHSA-2017:3081 http://www.securitytracker.com/id/1038218 Common Vulnerability Exposure (CVE) ID: CVE-2017-5648 BugTraq ID: 97530 http://www.securityfocus.com/bid/97530 http://www.openwall.com/lists/oss-security/2020/07/20/8 https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2017:1809 https://access.redhat.com/errata/RHSA-2017:1809 http://www.securitytracker.com/id/1038220
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.