| Beschreibung: | Summary:
The remote host is missing an update for the 'tomcat6'
package(s) announced via the referenced advisory.
Vulnerability Insight:
Apache Tomcat is a servlet container for
the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the code that parsed the HTTP request line
permitted invalid characters. This could be exploited, in conjunction with
a proxy that also permitted the invalid characters but with a different
interpretation, to inject data into the HTTP response. By manipulating the
HTTP response the attacker could poison a web-cache, perform an XSS attack,
or obtain sensitive information from requests other then their own.
(CVE-2016-6816)
Note: This fix causes Tomcat to respond with an HTTP 400 Bad Request error
when request contains characters that are not permitted by the HTTP
specification to appear not encoded, even though they were previously
accepted. The newly introduced system property
tomcat.util.http.parser.HttpParser.requestTargetAllow can be used to
configure Tomcat to accept curly braces ({ and }) and the pipe symbol
in not encoded form, as these are often used in URLs without being properly
encoded.
* A bug was discovered in the error handling of the send file code for the
NIO HTTP connector. This led to the current Processor object being added to
the Processor cache multiple times allowing information leakage between
requests including, and not limited to, session ID and the response body.
(CVE-2016-8745)
Affected Software/OS:
tomcat6 on
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)
Solution:
Please Install the Updated Packages.
CVSS Score:
6.8
CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
