Test Kennung:	1.3.6.1.4.1.25623.1.0.120055
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2015-525)
Zusammenfassung:	The remote host is missing an update for the 'tomcat6' package(s) announced via the ALAS-2015-525 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tomcat6' package(s) announced via the ALAS-2015-525 advisory. Vulnerability Insight: It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service. Affected Software/OS: 'tomcat6' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0227 BugTraq ID: 72717 http://www.securityfocus.com/bid/72717 Bugtraq: 20150209 [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling (Google Search) http://archives.neohapsis.com/archives/bugtraq/2015-02/0067.html Debian Security Information: DSA-3447 (Google Search) http://www.debian.org/security/2016/dsa-3447 Debian Security Information: DSA-3530 (Google Search) http://www.debian.org/security/2016/dsa-3530 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: HPSBUX03341 http://marc.info/?l=bugtraq&m=143393515412274&w=2 HPdes Security Advisory: SSRT102066 HPdes Security Advisory: SSRT102068 http://www.mandriva.com/security/advisories?name=MDVSA-2015:052 http://www.mandriva.com/security/advisories?name=MDVSA-2015:053 http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2015:0675 http://rhn.redhat.com/errata/RHSA-2015-0675.html RedHat Security Advisories: RHSA-2015:0720 http://rhn.redhat.com/errata/RHSA-2015-0720.html RedHat Security Advisories: RHSA-2015:0765 http://rhn.redhat.com/errata/RHSA-2015-0765.html RedHat Security Advisories: RHSA-2015:0983 http://rhn.redhat.com/errata/RHSA-2015-0983.html RedHat Security Advisories: RHSA-2015:0991 http://rhn.redhat.com/errata/RHSA-2015-0991.html http://www.securitytracker.com/id/1032791 http://www.ubuntu.com/usn/USN-2654-1 http://www.ubuntu.com/usn/USN-2655-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.