Test Kennung:	1.3.6.1.4.1.25623.1.0.148785
Kategorie:	Web Servers
Titel:	Apache Tomcat Information Disclosure Vulnerability (Sep 2022) - Linux
Zusammenfassung:	Apache Tomcat is prone to an information disclosure; vulnerability.
Beschreibung:	Summary: Apache Tomcat is prone to an information disclosure vulnerability. Vulnerability Insight: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. Affected Software/OS: Apache Tomcat version 8.5.0 through 8.5.77, 9.0.0-M1 through 9.0.60, 10.0.0-M1 through 10.0.18 and 10.1.0-M1 through 10.1.0-M12. Solution: Update to version 8.5.78, 9.0.62, 10.0.20, 10.1.0-M14 or later. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-43980 Debian Security Information: DSA-5265 (Google Search) https://www.debian.org/security/2022/dsa-5265 https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3 https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html http://www.openwall.com/lists/oss-security/2022/09/28/1
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.