ID de Prueba:	1.3.6.1.4.1.25623.1.0.123663
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-0640)
Resumen:	The remote host is missing an update for the 'tomcat5' package(s) announced via the ELSA-2013-0640 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat5' package(s) announced via the ELSA-2013-0640 advisory. Vulnerability Insight: [0:5.5.23-0jpp.38] - Resolves: CVE-2012-3439 rhbz#882008 three DIGEST authentication - implementation - Resolves: CVE-2012-3546, rhbz#913034 Bypass of security constraints. - Remove unneeded handling of FORM authentication in RealmBase Affected Software/OS: 'tomcat5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3546 1027833 http://www.securitytracker.com/id?1027833 20121204 CVE-2012-3546 Apache Tomcat Bypass of security constraints http://archives.neohapsis.com/archives/bugtraq/2012-12/0044.html 51984 http://secunia.com/advisories/51984 52054 http://secunia.com/advisories/52054 56812 http://www.securityfocus.com/bid/56812 57126 http://secunia.com/advisories/57126 HPSBMU02873 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878 HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPSBUX02866 http://marc.info/?l=bugtraq&m=136612293908376&w=2 RHSA-2013:0004 http://rhn.redhat.com/errata/RHSA-2013-0004.html RHSA-2013:0005 http://rhn.redhat.com/errata/RHSA-2013-0005.html RHSA-2013:0146 http://rhn.redhat.com/errata/RHSA-2013-0146.html RHSA-2013:0147 http://rhn.redhat.com/errata/RHSA-2013-0147.html RHSA-2013:0151 http://rhn.redhat.com/errata/RHSA-2013-0151.html RHSA-2013:0157 http://rhn.redhat.com/errata/RHSA-2013-0157.html RHSA-2013:0158 http://rhn.redhat.com/errata/RHSA-2013-0158.html RHSA-2013:0162 http://rhn.redhat.com/errata/RHSA-2013-0162.html RHSA-2013:0163 http://rhn.redhat.com/errata/RHSA-2013-0163.html RHSA-2013:0164 http://rhn.redhat.com/errata/RHSA-2013-0164.html RHSA-2013:0191 http://rhn.redhat.com/errata/RHSA-2013-0191.html RHSA-2013:0192 http://rhn.redhat.com/errata/RHSA-2013-0192.html RHSA-2013:0193 http://rhn.redhat.com/errata/RHSA-2013-0193.html RHSA-2013:0194 http://rhn.redhat.com/errata/RHSA-2013-0194.html RHSA-2013:0195 http://rhn.redhat.com/errata/RHSA-2013-0195.html RHSA-2013:0196 http://rhn.redhat.com/errata/RHSA-2013-0196.html RHSA-2013:0197 http://rhn.redhat.com/errata/RHSA-2013-0197.html RHSA-2013:0198 http://rhn.redhat.com/errata/RHSA-2013-0198.html RHSA-2013:0221 http://rhn.redhat.com/errata/RHSA-2013-0221.html RHSA-2013:0235 http://rhn.redhat.com/errata/RHSA-2013-0235.html RHSA-2013:0623 http://rhn.redhat.com/errata/RHSA-2013-0623.html RHSA-2013:0640 http://rhn.redhat.com/errata/RHSA-2013-0640.html RHSA-2013:0641 http://rhn.redhat.com/errata/RHSA-2013-0641.html RHSA-2013:0642 http://rhn.redhat.com/errata/RHSA-2013-0642.html SSRT101139 SSRT101182 USN-1685-1 http://www.ubuntu.com/usn/USN-1685-1 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?r1=1377892&r2=1377891&pathrev=1377892 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1377892&r2=1377891&pathrev=1377892 http://svn.apache.org/viewvc?view=revision&revision=1377892 http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-7.html openSUSE-SU-2012:1700 http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html openSUSE-SU-2012:1701 http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html openSUSE-SU-2013:0147 http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html oval:org.mitre.oval:def:19305 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19305 Common Vulnerability Exposure (CVE) ID: CVE-2012-5885 BugTraq ID: 56403 http://www.securityfocus.com/bid/56403 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: HPSBUX02866 HPdes Security Advisory: SSRT101139 HPdes Security Advisory: SSRT101146 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19432 RedHat Security Advisories: RHSA-2013:0623 RedHat Security Advisories: RHSA-2013:0629 http://rhn.redhat.com/errata/RHSA-2013-0629.html RedHat Security Advisories: RHSA-2013:0631 http://rhn.redhat.com/errata/RHSA-2013-0631.html RedHat Security Advisories: RHSA-2013:0632 http://rhn.redhat.com/errata/RHSA-2013-0632.html RedHat Security Advisories: RHSA-2013:0633 http://rhn.redhat.com/errata/RHSA-2013-0633.html RedHat Security Advisories: RHSA-2013:0640 RedHat Security Advisories: RHSA-2013:0647 http://rhn.redhat.com/errata/RHSA-2013-0647.html RedHat Security Advisories: RHSA-2013:0648 http://rhn.redhat.com/errata/RHSA-2013-0648.html RedHat Security Advisories: RHSA-2013:0726 http://rhn.redhat.com/errata/RHSA-2013-0726.html http://secunia.com/advisories/51371 SuSE Security Announcement: openSUSE-SU-2012:1700 (Google Search) SuSE Security Announcement: openSUSE-SU-2012:1701 (Google Search) SuSE Security Announcement: openSUSE-SU-2013:0147 (Google Search) http://www.ubuntu.com/usn/USN-1637-1 XForce ISS Database: tomcat-replay-security-bypass(80408) https://exchange.xforce.ibmcloud.com/vulnerabilities/80408 Common Vulnerability Exposure (CVE) ID: CVE-2012-5886 XForce ISS Database: tomcat-http-Digest-security-bypass(80407) https://exchange.xforce.ibmcloud.com/vulnerabilities/80407 Common Vulnerability Exposure (CVE) ID: CVE-2012-5887 XForce ISS Database: tomcat-digest-security-bypass(79809) https://exchange.xforce.ibmcloud.com/vulnerabilities/79809
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.