Test Kennung:	1.3.6.1.4.1.25623.1.0.70752
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: tomcat
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: tomcat CVE-2012-0022 Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0022 BugTraq ID: 51447 http://www.securityfocus.com/bid/51447 Bugtraq: 20120117 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-01/0112.html Debian Security Information: DSA-2401 (Google Search) http://www.debian.org/security/2012/dsa-2401 HPdes Security Advisory: HPSBMU02747 http://marc.info/?l=bugtraq&m=133294394108746&w=2 HPdes Security Advisory: HPSBUX02741 http://marc.info/?l=bugtraq&m=132871655717248&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100728 HPdes Security Advisory: SSRT100771 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2012:085 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934 RedHat Security Advisories: RHSA-2012:0074 http://rhn.redhat.com/errata/RHSA-2012-0074.html RedHat Security Advisories: RHSA-2012:0075 http://rhn.redhat.com/errata/RHSA-2012-0075.html RedHat Security Advisories: RHSA-2012:0076 http://rhn.redhat.com/errata/RHSA-2012-0076.html RedHat Security Advisories: RHSA-2012:0077 http://rhn.redhat.com/errata/RHSA-2012-0077.html RedHat Security Advisories: RHSA-2012:0078 http://rhn.redhat.com/errata/RHSA-2012-0078.html RedHat Security Advisories: RHSA-2012:0325 http://rhn.redhat.com/errata/RHSA-2012-0325.html RedHat Security Advisories: RHSA-2012:0345 http://rhn.redhat.com/errata/RHSA-2012-0345.html RedHat Security Advisories: RHSA-2012:1331 http://rhn.redhat.com/errata/RHSA-2012-1331.html http://secunia.com/advisories/48213 http://secunia.com/advisories/48549 http://secunia.com/advisories/48790 http://secunia.com/advisories/48791 http://secunia.com/advisories/50863 XForce ISS Database: apache-tomcat-parameter-dos(72425) https://exchange.xforce.ibmcloud.com/vulnerabilities/72425
Copyright	Copyright (C) 2012 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.