CentOS Local Security Checks : CentOS Security Advisory CESA-2007:0569 (tomcat)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.62193

Categoría: CentOS Local Security Checks

Título: CentOS Security Advisory CESA-2007:0569 (tomcat)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates to tomcat announced in
advisory CESA-2007:0569.

For details on the issues addressed in this update,
please visit the referenced security advisories.

Solution:
Update the appropriate packages on your system.

http://www.securityspace.com/smysecure/catid.html?in=CESA-2007:0569
http://www.securityspace.com/smysecure/catid.html?in=RHSA-2007:0569
https://rhn.redhat.com/errata/RHSA-2007-0569.html

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-2449
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
BugTraq ID: 24476
http://www.securityfocus.com/bid/24476
Bugtraq: 20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples (Google Search)
http://www.securityfocus.com/archive/1/471351/100/0/threaded
Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/500396/100/0/threaded
Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search)
http://www.securityfocus.com/archive/1/500412/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
HPdes Security Advisory: HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPdes Security Advisory: SSRT071447
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
http://osvdb.org/36080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10578
http://www.redhat.com/support/errata/RHSA-2007-0569.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
RedHat Security Advisories: RHSA-2008:0630
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://www.securitytracker.com/id?1018245
http://secunia.com/advisories/26076
http://secunia.com/advisories/27037
http://secunia.com/advisories/27727
http://secunia.com/advisories/29392
http://secunia.com/advisories/30802
http://secunia.com/advisories/31493
http://secunia.com/advisories/33668
http://securityreason.com/securityalert/2804
SuSE Security Announcement: SUSE-SR:2008:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://www.vupen.com/english/advisories/2007/2213
http://www.vupen.com/english/advisories/2007/3386
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2009/0233
XForce ISS Database: tomcat-example-xss(34869)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34869
Common Vulnerability Exposure (CVE) ID: CVE-2007-2450
BugTraq ID: 24475
http://www.securityfocus.com/bid/24475
Bugtraq: 20070614 [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (Google Search)
http://www.securityfocus.com/archive/1/471357/100/0/threaded
Debian Security Information: DSA-1468 (Google Search)
http://www.debian.org/security/2008/dsa-1468
http://jvn.jp/jp/JVN%2307100457/index.html
http://www.osvdb.org/36079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11287
http://secunia.com/advisories/25678
http://secunia.com/advisories/28549
http://secunia.com/advisories/30899
http://secunia.com/advisories/30908
http://securityreason.com/securityalert/2813
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
http://www.vupen.com/english/advisories/2008/1979/references
XForce ISS Database: tomcat-hostmanager-xss(34868)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34868

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.62193
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2007:0569 (tomcat)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to tomcat announced in advisory CESA-2007:0569. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2007:0569 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2007:0569 https://rhn.redhat.com/errata/RHSA-2007-0569.html Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2449 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html BugTraq ID: 24476 http://www.securityfocus.com/bid/24476 Bugtraq: 20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples (Google Search) http://www.securityfocus.com/archive/1/471351/100/0/threaded Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/500396/100/0/threaded Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search) http://www.securityfocus.com/archive/1/500412/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html HPdes Security Advisory: HPSBUX02262 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HPdes Security Advisory: SSRT071447 http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E http://osvdb.org/36080 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10578 http://www.redhat.com/support/errata/RHSA-2007-0569.html http://www.redhat.com/support/errata/RHSA-2008-0261.html RedHat Security Advisories: RHSA-2008:0630 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://www.securitytracker.com/id?1018245 http://secunia.com/advisories/26076 http://secunia.com/advisories/27037 http://secunia.com/advisories/27727 http://secunia.com/advisories/29392 http://secunia.com/advisories/30802 http://secunia.com/advisories/31493 http://secunia.com/advisories/33668 http://securityreason.com/securityalert/2804 SuSE Security Announcement: SUSE-SR:2008:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2007/2213 http://www.vupen.com/english/advisories/2007/3386 http://www.vupen.com/english/advisories/2008/1981/references http://www.vupen.com/english/advisories/2009/0233 XForce ISS Database: tomcat-example-xss(34869) https://exchange.xforce.ibmcloud.com/vulnerabilities/34869 Common Vulnerability Exposure (CVE) ID: CVE-2007-2450 BugTraq ID: 24475 http://www.securityfocus.com/bid/24475 Bugtraq: 20070614 [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (Google Search) http://www.securityfocus.com/archive/1/471357/100/0/threaded Debian Security Information: DSA-1468 (Google Search) http://www.debian.org/security/2008/dsa-1468 http://jvn.jp/jp/JVN%2307100457/index.html http://www.osvdb.org/36079 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11287 http://secunia.com/advisories/25678 http://secunia.com/advisories/28549 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://securityreason.com/securityalert/2813 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 http://www.vupen.com/english/advisories/2008/1979/references XForce ISS Database: tomcat-hostmanager-xss(34868) https://exchange.xforce.ibmcloud.com/vulnerabilities/34868
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com