ID de Prueba:	1.3.6.1.4.1.25623.1.0.870408
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for tomcat5 RHSA-2011:0336-01
Resumen:	The remote host is missing an update for the 'tomcat5'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat5' package(s) announced via the referenced advisory. Vulnerability Insight: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476) Users of Tomcat should upgrade to these updated packages, which contain a backported patch to correct this issue. Tomcat must be restarted for this update to take effect. Affected Software/OS: tomcat5 on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4476 AIX APAR: IZ94423 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423 AIX APAR: PM31983 http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983 Debian Security Information: DSA-2161 (Google Search) http://www.debian.org/security/2011/dsa-2161 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBMA02642 http://marc.info/?l=bugtraq&m=130514352726432&w=2 HPdes Security Advisory: HPSBMU02690 http://marc.info/?l=bugtraq&m=131041767210772&w=2 HPdes Security Advisory: HPSBMU02797 http://marc.info/?l=bugtraq&m=134254957702612&w=2 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBNS02633 http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475 HPdes Security Advisory: HPSBOV02634 http://marc.info/?l=bugtraq&m=130497132406206&w=2 HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: HPSBTU02684 http://marc.info/?l=bugtraq&m=130497185606818&w=2 HPdes Security Advisory: HPSBUX02633 http://marc.info/?l=bugtraq&m=129899347607632&w=2 HPdes Security Advisory: HPSBUX02641 http://marc.info/?l=bugtraq&m=129960314701922&w=2 HPdes Security Advisory: HPSBUX02642 http://marc.info/?l=bugtraq&m=130270785502599&w=2 HPdes Security Advisory: HPSBUX02645 http://marc.info/?l=bugtraq&m=130168502603566&w=2 HPdes Security Advisory: HPSBUX02725 http://marc.info/?l=bugtraq&m=132215163318824&w=2 HPdes Security Advisory: HPSBUX02777 http://marc.info/?l=bugtraq&m=133728004526190&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100387 HPdes Security Advisory: SSRT100390 HPdes Security Advisory: SSRT100412 HPdes Security Advisory: SSRT100415 HPdes Security Advisory: SSRT100569 HPdes Security Advisory: SSRT100627 HPdes Security Advisory: SSRT100825 HPdes Security Advisory: SSRT100854 HPdes Security Advisory: SSRT100867 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:054 http://blog.fortify.com/blog/2011/02/08/Double-Trouble http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493 http://www.redhat.com/support/errata/RHSA-2011-0210.html http://www.redhat.com/support/errata/RHSA-2011-0211.html http://www.redhat.com/support/errata/RHSA-2011-0212.html http://www.redhat.com/support/errata/RHSA-2011-0213.html http://www.redhat.com/support/errata/RHSA-2011-0214.html http://www.redhat.com/support/errata/RHSA-2011-0282.html http://www.redhat.com/support/errata/RHSA-2011-0333.html http://www.redhat.com/support/errata/RHSA-2011-0334.html http://www.redhat.com/support/errata/RHSA-2011-0880.html http://www.securitytracker.com/id?1025062 http://secunia.com/advisories/43048 http://secunia.com/advisories/43280 http://secunia.com/advisories/43295 http://secunia.com/advisories/43304 http://secunia.com/advisories/43333 http://secunia.com/advisories/43378 http://secunia.com/advisories/43400 http://secunia.com/advisories/43659 http://secunia.com/advisories/44954 http://secunia.com/advisories/45022 http://secunia.com/advisories/45555 http://secunia.com/advisories/49198 SuSE Security Announcement: SUSE-SA:2011:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html SuSE Security Announcement: SUSE-SU-2011:0823 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html http://www.vupen.com/english/advisories/2011/0365 http://www.vupen.com/english/advisories/2011/0377 http://www.vupen.com/english/advisories/2011/0379 http://www.vupen.com/english/advisories/2011/0422 http://www.vupen.com/english/advisories/2011/0434 http://www.vupen.com/english/advisories/2011/0605
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.