Test Kennung:	1.3.6.1.4.1.25623.1.0.58253
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200705-03 (tomcat)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200705-03. A vulnerability has been discovered in Tomcat that allows for the disclosure of sensitive information. Solution: All Tomcat users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/tomcat-5.5.22' https://secure1.securityspace.com/smysecure/catid.html?in=GLSA%20200705-03 http://bugs.gentoo.org/show_bug.cgi?id=173122 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0450 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BugTraq ID: 22960 http://www.securityfocus.com/bid/22960 BugTraq ID: 25159 http://www.securityfocus.com/bid/25159 Bugtraq: 20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal (Google Search) http://www.securityfocus.com/archive/1/462791/100/0/threaded Bugtraq: 20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 (Google Search) http://www.securityfocus.com/archive/1/485938/100/0/threaded Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/500396/100/0/threaded Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search) http://www.securityfocus.com/archive/1/500412/100/0/threaded http://security.gentoo.org/glsa/glsa-200705-03.xml HPdes Security Advisory: HPSBUX02262 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HPdes Security Advisory: SSRT071447 http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 http://www.sec-consult.com/287.html http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt http://lists.vmware.com/pipermail/security-announce/2008/000003.html https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643 http://www.redhat.com/support/errata/RHSA-2007-0327.html http://www.redhat.com/support/errata/RHSA-2007-0360.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://secunia.com/advisories/24732 http://secunia.com/advisories/25106 http://secunia.com/advisories/25280 http://secunia.com/advisories/26235 http://secunia.com/advisories/26660 http://secunia.com/advisories/27037 http://secunia.com/advisories/28365 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://secunia.com/advisories/33668 http://securityreason.com/securityalert/2446 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 SuSE Security Announcement: SUSE-SR:2007:005 (Google Search) http://www.novell.com/linux/security/advisories/2007_5_sr.html SuSE Security Announcement: SUSE-SR:2007:015 (Google Search) http://www.novell.com/linux/security/advisories/2007_15_sr.html http://www.vupen.com/english/advisories/2007/0975 http://www.vupen.com/english/advisories/2007/2732 http://www.vupen.com/english/advisories/2007/3087 http://www.vupen.com/english/advisories/2007/3386 http://www.vupen.com/english/advisories/2008/0065 http://www.vupen.com/english/advisories/2008/1979/references http://www.vupen.com/english/advisories/2009/0233 XForce ISS Database: tomcat-proxy-directory-traversal(32988) https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.