Test Kennung:	1.3.6.1.4.1.25623.1.0.122466
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle Linux Local Check: ELSA-2009-1164
Zusammenfassung:	Oracle Linux Local Security Checks ELSA-2009-1164
Beschreibung:	Summary: Oracle Linux Local Security Checks ELSA-2009-1164 Vulnerability Insight: ELSA-2009-1164 - tomcat security update. Please see the references for more insight. Solution: Update the affected packages to the latest available version. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5333 AIX APAR: IZ20133 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133 AIX APAR: IZ20991 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html BugTraq ID: 27706 http://www.securityfocus.com/bid/27706 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080208 [SECURITY] CVE-2007-5333: Tomcat Cookie handling vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/487822/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html http://security.gentoo.org/glsa/glsa-200804-10.xml HPdes Security Advisory: HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://jvn.jp/jp/JVN%2309470767/index.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:018 http://www.mandriva.com/security/advisories?name=MDVSA-2010:176 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11177 http://secunia.com/advisories/28878 http://secunia.com/advisories/28884 http://secunia.com/advisories/28915 http://secunia.com/advisories/29711 http://secunia.com/advisories/30676 http://secunia.com/advisories/30802 http://secunia.com/advisories/32036 http://secunia.com/advisories/32222 http://secunia.com/advisories/33330 http://secunia.com/advisories/37460 http://secunia.com/advisories/44183 http://secunia.com/advisories/57126 http://securityreason.com/securityalert/3636 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2008/0488 http://www.vupen.com/english/advisories/2008/1856/references http://www.vupen.com/english/advisories/2008/1981/references http://www.vupen.com/english/advisories/2008/2690 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2009/3316 Common Vulnerability Exposure (CVE) ID: CVE-2008-5515 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 35263 http://www.securityfocus.com/bid/35263 Bugtraq: 20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search) http://www.securityfocus.com/archive/1/504170/100/0/threaded Bugtraq: 20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search) http://www.securityfocus.com/archive/1/504202/100/0/threaded Debian Security Information: DSA-2207 (Google Search) http://www.debian.org/security/2011/dsa-2207 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html HPdes Security Advisory: HPSBMA02535 http://marc.info/?l=bugtraq&m=127420533226623&w=2 HPdes Security Advisory: HPSBUX02579 http://marc.info/?l=bugtraq&m=129070310906557&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100029 HPdes Security Advisory: SSRT100203 HPdes Security Advisory: SSRT101146 http://jvn.jp/en/jp/JVN63832775/index.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:136 http://www.mandriva.com/security/advisories?name=MDVSA-2009:138 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445 http://secunia.com/advisories/35393 http://secunia.com/advisories/35685 http://secunia.com/advisories/35788 http://secunia.com/advisories/39317 http://secunia.com/advisories/42368 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html SuSE Security Announcement: SUSE-SR:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://www.vupen.com/english/advisories/2009/1520 http://www.vupen.com/english/advisories/2009/1535 http://www.vupen.com/english/advisories/2009/1856 http://www.vupen.com/english/advisories/2010/3056 Common Vulnerability Exposure (CVE) ID: CVE-2009-0033 BugTraq ID: 35193 http://www.securityfocus.com/bid/35193 Bugtraq: 20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector (Google Search) http://www.securityfocus.com/archive/1/504044/100/0/threaded HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: SSRT100825 http://jvn.jp/en/jp/JVN87272440/index.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739 http://securitytracker.com/id?1022331 http://secunia.com/advisories/35326 http://secunia.com/advisories/35344 http://www.vupen.com/english/advisories/2009/1496 XForce ISS Database: tomcat-ajp-dos(50928) https://exchange.xforce.ibmcloud.com/vulnerabilities/50928 Common Vulnerability Exposure (CVE) ID: CVE-2009-0580 BugTraq ID: 35196 http://www.securityfocus.com/bid/35196 Bugtraq: 20090603 [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/504045/100/0/threaded Bugtraq: 20090604 Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/504108/100/0/threaded Bugtraq: 20090605 [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/504125/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101 http://securitytracker.com/id?1022332 XForce ISS Database: tomcat-jsecuritycheck-info-disclosure(50930) https://exchange.xforce.ibmcloud.com/vulnerabilities/50930 Common Vulnerability Exposure (CVE) ID: CVE-2009-0781 Bugtraq: 20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application (Google Search) http://www.securityfocus.com/archive/1/501538/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6564 XForce ISS Database: tomcat-cal2-xss(49213) https://exchange.xforce.ibmcloud.com/vulnerabilities/49213 Common Vulnerability Exposure (CVE) ID: CVE-2009-0783 BugTraq ID: 35416 http://www.securityfocus.com/bid/35416 Bugtraq: 20090604 [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure (Google Search) http://www.securityfocus.com/archive/1/504090/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10716 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18913 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6450 http://www.securitytracker.com/id?1022336 XForce ISS Database: tomcat-xml-information-disclosure(51195) https://exchange.xforce.ibmcloud.com/vulnerabilities/51195
Copyright	Copyright (C) 2015 Eero Volotinen

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.