Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2016-0492)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122909

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2016-0492)

Resumen: The remote host is missing an update for the 'tomcat6' package(s) announced via the ELSA-2016-0492 advisory.

Descripción: Summary:
The remote host is missing an update for the 'tomcat6' package(s) announced via the ELSA-2016-0492 advisory.

Vulnerability Insight:
[0:6.0.24-94]
- Resolves: rhbz#1293289 CVE-2014-7810 tomcat6 security manager bypass via EL expressions

[0:6.0.24-93]
- Resolves: rhbz#1301646 Resolving NIO connector memory leak

Affected Software/OS:
'tomcat6' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-7810
BugTraq ID: 74665
http://www.securityfocus.com/bid/74665
Debian Security Information: DSA-3428 (Google Search)
http://www.debian.org/security/2015/dsa-3428
Debian Security Information: DSA-3447 (Google Search)
http://www.debian.org/security/2016/dsa-3447
Debian Security Information: DSA-3530 (Google Search)
http://www.debian.org/security/2016/dsa-3530
HPdes Security Advisory: HPSBUX03561
http://marc.info/?l=bugtraq&m=145974991225029&w=2
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
RedHat Security Advisories: RHSA-2015:1621
http://rhn.redhat.com/errata/RHSA-2015-1621.html
RedHat Security Advisories: RHSA-2015:1622
http://rhn.redhat.com/errata/RHSA-2015-1622.html
RedHat Security Advisories: RHSA-2016:0492
http://rhn.redhat.com/errata/RHSA-2016-0492.html
RedHat Security Advisories: RHSA-2016:2046
http://rhn.redhat.com/errata/RHSA-2016-2046.html
http://www.securitytracker.com/id/1032330
http://www.ubuntu.com/usn/USN-2654-1
http://www.ubuntu.com/usn/USN-2655-1

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122909
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2016-0492)
Resumen:	The remote host is missing an update for the 'tomcat6' package(s) announced via the ELSA-2016-0492 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat6' package(s) announced via the ELSA-2016-0492 advisory. Vulnerability Insight: [0:6.0.24-94] - Resolves: rhbz#1293289 CVE-2014-7810 tomcat6 security manager bypass via EL expressions [0:6.0.24-93] - Resolves: rhbz#1301646 Resolving NIO connector memory leak Affected Software/OS: 'tomcat6' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-7810 BugTraq ID: 74665 http://www.securityfocus.com/bid/74665 Debian Security Information: DSA-3428 (Google Search) http://www.debian.org/security/2015/dsa-3428 Debian Security Information: DSA-3447 (Google Search) http://www.debian.org/security/2016/dsa-3447 Debian Security Information: DSA-3530 (Google Search) http://www.debian.org/security/2016/dsa-3530 HPdes Security Advisory: HPSBUX03561 http://marc.info/?l=bugtraq&m=145974991225029&w=2 https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2015:1621 http://rhn.redhat.com/errata/RHSA-2015-1621.html RedHat Security Advisories: RHSA-2015:1622 http://rhn.redhat.com/errata/RHSA-2015-1622.html RedHat Security Advisories: RHSA-2016:0492 http://rhn.redhat.com/errata/RHSA-2016-0492.html RedHat Security Advisories: RHSA-2016:2046 http://rhn.redhat.com/errata/RHSA-2016-2046.html http://www.securitytracker.com/id/1032330 http://www.ubuntu.com/usn/USN-2654-1 http://www.ubuntu.com/usn/USN-2655-1
Copyright	Copyright (C) 2016 Greenbone AG