| Description: | Summary:
The remote host is missing an update for the 'tomcat5'
package(s) announced via the referenced advisory.
Vulnerability Insight:
Multiple vulnerabilities has been found and corrected in tomcat5:
When running under a SecurityManager, access to the file system is
limited but web applications are granted read/write permissions to
the work directory. This directory is used for a variety of temporary
files such as the intermediate files generated when compiling JSPs
to Servlets. The location of the work directory is specified by
a ServletContect attribute that is meant to be read-only to web
applications. However, due to a coding error, the read-only setting
was not applied. Therefore, a malicious web application may modify
the attribute before Tomcat applies the file permissions. This can be
used to grant read/write permissions to any area on the file system
which a malicious web application may then take advantage of. This
vulnerability is only applicable when hosting web applications from
untrusted sources such as shared hosting environments (CVE-2010-3718).
The HTML Manager interface displayed web application provided data,
such as display names, without filtering. A malicious web application
could trigger script execution by an administartive user when viewing
the manager pages (CVE-2011-0013).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. The updated packages have been patched to correct these issues.
Affected Software/OS:
tomcat5 on Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64,
Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64
Solution:
Please Install the Updated Packages.
CVSS Score:
4.3
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
