ID de Prueba:	1.3.6.1.4.1.25623.1.0.120359
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2014-312)
Resumen:	The remote host is missing an update for the 'tomcat7' package(s) announced via the ALAS-2014-312 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat7' package(s) announced via the ALAS-2014-312 advisory. Vulnerability Insight: MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions. Affected Software/OS: 'tomcat7' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0050 BugTraq ID: 65400 http://www.securityfocus.com/bid/65400 Bugtraq: 20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library (Google Search) http://www.securityfocus.com/archive/1/532549/100/0/threaded Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2856 (Google Search) http://www.debian.org/security/2014/dsa-2856 http://seclists.org/fulldisclosure/2014/Dec/23 https://security.gentoo.org/glsa/202107-39 HPdes Security Advisory: HPSBGN03329 http://marc.info/?l=bugtraq&m=143136844732487&w=2 http://jvn.jp/en/jp/JVN14876762/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017 http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E RedHat Security Advisories: RHSA-2014:0252 http://rhn.redhat.com/errata/RHSA-2014-0252.html RedHat Security Advisories: RHSA-2014:0253 http://rhn.redhat.com/errata/RHSA-2014-0253.html RedHat Security Advisories: RHSA-2014:0400 http://rhn.redhat.com/errata/RHSA-2014-0400.html http://secunia.com/advisories/57915 http://secunia.com/advisories/58075 http://secunia.com/advisories/58976 http://secunia.com/advisories/59039 http://secunia.com/advisories/59041 http://secunia.com/advisories/59183 http://secunia.com/advisories/59184 http://secunia.com/advisories/59185 http://secunia.com/advisories/59187 http://secunia.com/advisories/59232 http://secunia.com/advisories/59399 http://secunia.com/advisories/59492 http://secunia.com/advisories/59500 http://secunia.com/advisories/59725 http://secunia.com/advisories/60475 http://secunia.com/advisories/60753 http://www.ubuntu.com/usn/USN-2130-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.